Contact
Cybersecurity Professional • Penetration Tester • Digital Transformation Enthusiast
4+ years securing digital infrastructures across public and private sectors
View My ExperienceInformation Security undergraduate at the Singapore Institute of Technology with over 4 years of experience across the cybersecurity industry. Career spans the public sector, multinational corporations, and the military, with hands-on involvement in penetration testing, malware analysis, threat modeling, and digital transformation.
Currently interning as a Cybersecurity Engineer at Assurity Trusted Solutions, building LLM-powered threat modeling pipelines and cloud security platforms. Holds the HackTheBox Certified Penetration Testing Specialist (CPTS) certification and is actively pursuing the OffSec OSCP and CISSP.
Areas of focus: penetration testing, AI/LLM security tooling, cloud security, and offensive security research.
Distinction in Ethics and Professional Conduct, Applied Cryptography. Good Credits in Programming Fundamentals, Web Security, Mobile Security, Machine Learning, and Ethical Hacking.
Distinction in Workplace Project (GovTech), Malware Reverse Engineering Project (GovTech), and Ethical Hacking.
Part of the Cyber Specialist Cadet Course Work-Learn Programme, focusing on advanced cybersecurity concepts and practical applications.
Distinction in Additional Mathematics, Mathematics and Chemistry.
Designed and developed an end-to-end automated threat modeling pipeline leveraging large language models (LLMs) to analyze cloud architectures and generate structured security reports mapped to the MITRE ATT&CK framework. Built and maintained an OSCAL-powered cloud security design review platform mapping CISv8 and NIST 800-53 to structured compliance outputs. Worked with professional security consultants on Vulnerability Assessment and Penetration Testing (VAPT), gaining hands-on experience with security tools and testing methodologies. Built and developed tooling to support VAPT processes and automate testing for improved efficiency.
Developed VBA Script achieving 91.67% increase in work efficiency. Implemented innovative work processes reducing administrative overhead for the entire unit. Designed several unit-related posters and plaques, and re-designed the Unit's Logo following the inauguration of the Digital and Intelligence Service.
Managed RBAC user accounts on Active Directory for NUH staff and access to clinical applications. Verified accounts conformed to NUH's security policies. Implemented Excel scripts and embedded VBA to introduce digital transformation, streamlining workflows and optimizing security processes.
Developed Proof-of-Concept chatbot using JS and Python to assist public servants with IM8 (currently ICT&SS) policy queries. Gained exposure to policy and governance frameworks within the Singapore government technology landscape.
Specialized in malware reverse engineering under the Government IT Security Incident Response (GITSIR) team. Analyzed diverse malware families including WannaCryptor (C++ worm) and Netwire RATs (VBA-embedded). Researched Ghidra, NSA's open-source MRE tool, and created educational module content on its basic usage.
Python, JavaScript, Java, C, Assembly, SQL, HTML/CSS. VBA scripting for automation and digital transformation initiatives.
OWASP methodologies, secure coding practices, and web application security assessment and hardening techniques.
EnCase, ProDiscover, and Paraben tools for digital investigation and incident response in enterprise environments.
Reverse engineering using Ghidra, IDA Pro, and WinHex. Experience with diverse malware families from C++ worms to VBA-embedded RATs.
Cloud architecture security review and threat modeling. MITRE ATT&CK framework mapping for cloud environments. Infrastructure as Code (Terraform) and AWS security.
Active Directory management, RBAC implementation, network security, and enterprise security policy development. OSCAL, CISv8, and NIST 800-53 compliance frameworks.
Building LLM-powered security pipelines with Anthropic Claude. Model Context Protocol (MCP) development and integration. Automated threat modeling and compliance mapping using large language models.
Ethical hacking methodologies, vulnerability assessments, and security testing across various platforms and environments. Certified CPTS; pursuing OSCP and CISSP.
Industry-recognised penetration testing certification covering advanced offensive security techniques, Active Directory attacks, and enterprise-level red teaming methodologies.
Advanced certification covering MCP server architecture, tool integration, and building production-grade AI-powered applications using the Model Context Protocol.
Certification in responsible AI usage, prompt engineering, and applying large language models effectively in academic and professional contexts.
Certification in leveraging AI tools for organisational impact, covering ethical AI deployment and practical applications for mission-driven work.
Advanced certification in digital transformation and health technology applications, focusing on user-centred design and behavioural science.
Comprehensive networking fundamentals and Cisco networking technologies certification.
Specialised certification in wireless network security assessment and auditing.
Foundation certification in organisational security analysis and risk assessment.