PROFESSIONAL SKILLS
Application Security | Secure SDLC, threat modeling, security design & architecture, secure code review |
| Security testing of native/mobile/web apps & APIs |
| Cryptography, data protection, keys & secrets management |
| AuthN/AuthZ protocols, frameworks & implementations |
| OWASP (Top 10/Testing Guides/Code Review Guide/(M)ASVS/SAMM) |
| MITRE (CVE/CVSS/CWE/CAPEC/ATT&CK) |
SecOps & OffSec | Cloud & network security, IAM, security hardening, monitoring, logging & auditing, vulnerability assessment |
| Penetration testing, bug bounty, incident response |
| Information security policies & compliance |
| Cyber threat intelligence |
Software Engineering | Cloud infrastructure orchestration (AWS & GCP), DevSecOps & CI/CD |
| Python, Ruby, PHP, JavaScript/TypeScript, HTML, CSS |
| Bash & PowerShell |
| Go, C/C++, Visual Basic/ASP/C#.NET, Java, Objective-C, PASCAL, Assembly, Dart, Rust |
PROFESSIONAL EXPERIENCE
Senior Security Engineer
CrowdStrike | May 2020 - Now |
- As a senior member of the Product Security Team, continuously improving the security posture of the product platforms by performing security architecture review of various product features and platform integrations as well as maintaining least privilege access to the platforms
- Serve as a subject-matter expert on cryptography, performing critical crypto operations and providing guidance and best practices
- Lead a multi-team project to set up new hardware security module (HSM) appliances and harden systems within their network perimeter
- Design and implement systems to utilize the new HSM for securely maintaining the lifecycle of mission-critical crypto keys
- Lead a multi-team effort to drastically improve the security of the product code signing practices
- Provide technical support to ensure successful periodic audits (SOC2)
- Mentor and support other members within the Product Security Team
KOHO Financial Inc | November 2017 - April 2020 |
- The main subject-matter expert on information security and the main driving force behind the Security & Privacy Roadmap
- As the first security engineer, bootstrapped, scaled and maintained the information security program
- Led the Platform & Security Team to support the company growth, hired and mentored new Security/DevOps/IT engineers
- Application Security:
- Collaborated with other teams to strengthen the company security posture
- Performed secure code review in a variety of languages and platforms and contributed security-sensitive code
- Conducted security reviews and tests of product features and system integrations
- Owned and maintained the public vulnerability disclosure program (HackerOne)
- Ensured the success of periodic external penetration tests and third-party risk assessments
- Security Operations:
- Performed continuous security review and testing of the cloud infrastructure
- Established company-wide information security baseline: policies, MFA, IAM, data security/classification, etc.
- Designed and implemented critical building blocks of the infrastructure
- Spearheaded the DevOps and Infrastructure as Code transformation effort
- Provided expertise for troubleshooting and optimizing current service platforms
- The first responder when a security event occurs
- Stood up the on-prem IT infrastructure and developed IT security policies from scratch
- Improved security awareness by providing mentorship, trainings and workshops internally
Software Security Engineer
Intel Security, Intel Corporation (McAfee since April 2017) | January 2015 - October 2017 |
- As a member of the Product Security Team, enabled frequent public releases (on multiple platforms: Windows, macOS, Android, iOS) and backend deployments without any security defects by performing security review and validation on every release cycle
- Served as an advocate for security within development teams, providing security guidance and best practices
- Reported to decision makers via an executive dashboard composed of industry-standard metrics (OWASP Application Security Verification Standard (ASVS) and Product Security Maturity Model)
- Successfully designed, implemented and executed a key ceremony for HashiCorp Vault, which stores mission-critical secret keys
- Considerably improved confidence in shipped features by implementing Agile SDL
- Created and maintained threat models of complex software systems, including but not limited to: client native applications, backend REST APIs, CI/CD and data analytics pipelines
- Ensured sufficient security coverage and continuous security control in the product by integrating static code analysis tools into the CI/CD pipeline and maintaining adequate technical and process documentation
- Provided feedback and remediation strategies in responding to externally reported vulnerabilities
- Discovered and provided remediation solutions for security vulnerabilities in other products within the company
Cyber Security Researcher
National Cyber-Forensics and Training Alliance (NCFTA) Canada | January 2011 - Dec 2014 |
- Researched, designed, implemented and maintained software systems that manipulate hundreds of GB of data per day
- Participated in projects in collaboration with different organizations:
- Malware Analysis: Installed and maintained a dynamic malware analysis environment using GFI Sandbox, analyzed malware reports by applying machine learning techniques
- Darknet Traffic Analysis: Researched and developed a phishing detection and assessment system that extracts phishing URLs from online spam data feeds; Designed and developed a system that analyzes darknet traffic to infer global scanning activities and DDoS attacks in near real-time
- Spam Campaign Analysis: Researched, designed and implemented a spam campaign detection, analysis and investigation software framework which is utilized to enforce Canada’s Anti-Spam Legislation
- Cyber Threat Intelligence Databases: Designed, implemented (full-stack) and maintained different databases of cyber threat intelligence (passive DNS, scanning activities, DDoS & phishing attacks)
Software Development Engineer
Vi Na Brilliant Card (VNBC), Dong A Bank | December 2009 – August 2010 |
- Researched and built a nationwide payment system using contactless cards
- Implemented a software framework for managing closed-loop payment systems
- Developed and maintained the internal web portal
- Managed the development process of the main website
OTHER WORK EXPERIENCE
Web Developer, Montreal Saudi Student House | May 2013 |
Built a website for Saudi students in Montreal using XenForo
Lab Instructor, Concordia University | January 2013 – April 2013 |
Instructed students to build a simple computer using electronic devices (SOEN228)
Technician, ASUS Vietnam | November 2008 – November 2009 |
Tested and reviewed new products; participated in organizing sales and marketing events
Member, AMTECH Overclocking Club | January 2008 — December 2008 |
Assembled, modified, overclocked and repaired computer hardware
EDUCATION
Master of Applied Science in Information Systems Security, Concordia University
Thesis: Mining Cyber Security Intelligence from Spam Data
Bachelor of Engineering in Electronics & Telecommunications, Ho Chi Minh City University of Technology
Thesis: Implementing and evaluating the Ad hoc On-Demand Distance Vector (AODV) routing protocol
SELECTED ACADEMIC PUBLICATIONS
Enquêtes sur les pourriels avec le forage de données - Délinquance et innovation, Les Presses de l’Université de Montréal
Spam Campaign Detection, Analysis and Investigation - Digital Investigation, Volume 12, Supplement 1 (also Proceedings of the Second Annual DFRWS Europe)
Investigating the Dark Cyberspace: Profiling, Threat-based Analysis and Correlation - 7th International Conference on Risk and Security of Internet and Systems (CRiSIS)
HIGHLIGHTED AWARDS & ACHIEVEMENTS
Bursary | Fonds de recherche du Québec (FQRNT) | 2011, 2012, 2013 |
Bursary | Concordia University Graduate Student Support Program (GSSP) | 2011, 2012 |
Academic Award | Excellent Student in Informatics (Ho Chi Minh City, Vietnam) | 2002, 2004, 2005 |
Academic Award | Nationwide Informatics Contest for Young Talents (Ha Noi, Vietnam) | 2002 |
Academic Award | Informatics Contest for Young Talents (Ho Chi Minh City, Vietnam) | 2001, 2002 |
2nd place | Worldwide Gigabyte Open Overclocking Championship (Taipei, Taiwan) | 2008 |
3rd place | Nationwide Gigabyte Regional Overclocking Competition (Ho Chi Minh City, Vietnam) | 2008 |
Champion | AMTECH Amazing Overclocking Competition (Ho Chi Minh City, Vietnam) | 2008 |
The Best Cooperation Award | SEAMEO Regional Schools Internet Project (Singapore) | 2003 |
PROJECTS
The First International Conference on Anti-Cybercrime (ICACC) 2015
- Provided training for two workshops: Network Vulnerability Scanning and Assessment and Capture-the-Flag Tutorial.
- Organized a Capture-the-Flag event.