Nguyen Hung Anh
Nguyen Hung Anh
Threat Hunter ยท Incident Responder ยท Malware Analyst

[email protected]

github.com/z3r0w3i

weix.dev

Remote / Global

CHFI v10 JNCIA-Junos INE eJPT Google Data Analytics Google IT Automation Google IT Support IBM Cybersecurity Analyst Fortinet Certified Associate Google Cybersecurity AWS Certified CloudOps Engineer
Professional Summary

Experienced cybersecurity professional with 5+ years specializing in Digital Forensics & Incident Response (DFIR), threat hunting, and malware analysis. Proven track record in leading enterprise-level incident response engagements, building detection engineering pipelines, and reverse engineering advanced persistent threat (APT) malware. Holds globally recognized certifications (CHFI, JNCIA, eJPT) and a strong background in SIEM engineering, threat intelligence platforms, and adversary simulation. Passionate about reducing dwell time and strengthening organizational cyber resilience.

Professional Experience
Cyber Security & DevOps Engineer
Outpost24
July 2018 โ€“ Present  ยท  Remote
  • Deployed and operated SaaS security platforms specializing in Security Monitoring, Incident Response, and Threat Hunting.
  • Conducted Vulnerability Assessment and produced Threat Intelligence Reports for enterprise clients.
  • Bridged DevOps and cybersecurity practices to ensure continuous security integration in CI/CD pipelines.
Offensive Security Researcher
Government Organization  ยท  Vietnam
2018 โ€“ Present
  • Specializing in Threat Hunting, Incident Response, and Threat Intelligence across government and enterprise environments.
  • Conducted red team operations and adversary emulation to assess and strengthen national-level security posture.
  • Produced classified threat intelligence reports aligned with MITRE ATT&CK framework.
Cloud & Infrastructure Engineer (AWS)
NashTech
November 2025  ยท  Freelance
  • Provided cloud deployment, infrastructure support, and network engineering services on AWS environments.
  • Implemented secure, scalable cloud architectures aligned with AWS Well-Architected Framework.
Cloud & Infrastructure Engineer (AWS)
GoTyme X
March 2018 โ€“ September 2021
  • Designed, implemented, and managed secure and scalable network solutions on AWS Cloud.
  • Ensured high availability, performance, and operational reliability of cloud-hosted financial services.
  • Collaborated with security teams to enforce IAM policies, VPC segmentation, and encryption standards.
Deployment Engineer
EI CO., LTD
October 2008 โ€“ April 2018
  • Implemented and maintained NCR ATM systems including hardware deployment and network configuration.
  • Provided troubleshooting and operational support for banking infrastructure across multiple sites.
  • Coordinated with banking clients to ensure 99.9% uptime of ATM networks.
Technical Skills
DFIR & Forensics
Malware Analysis & RE
SIEM Engineering
Threat Intelligence
Python / PowerShell
Cloud Security (AWS/Azure)
Splunk / QRadar Wireshark / tcpdump Volatility / Redline YARA / Sigma IDA Pro / Ghidra MISP / OpenCTI / ThreatQ CrowdStrike / SentinelOne Velociraptor / KAPE MITRE ATT&CK Autopsy / FTK CAPE / Cuckoo KQL / SPL Nmap / Metasploit Git / Linux / Windows
Key Projects & Research
Ransomware Incident Response Simulation
Full-lifecycle IR engagement: initial triage, network containment, forensic acquisition (RAM + disk), decryption key analysis, and root-cause mapping to MITRE ATT&CK framework. Delivered executive report + technical remediation plan.
GhidraKAPEVelociraptorVolatilityATT&CK Navigator
Threat Intelligence Feed Automation
Designed enriched IOC pipeline from OSINT sources + MISP, integrated with Splunk SIEM. Achieved <20 min threat-to-detection (TTD) for APT infrastructure indicators.
PythonMISPThreatQSplunkVirusTotal API
Malware Analysis Sandbox
Built automated dynamic analysis workflow using CAPE/Cuckoo + static unpacking pipeline. Produced YARA rules deployed for in-the-wild sample detection across SOC environment.
YARACAPEIDA ProPythonx64dbg
Certifications & Credentials
CHFI v10 โ€” EC-Council Computer Hacking Forensic Investigator
JNCIA-Junos โ€” Juniper Networks Juniper Networks Certified Associate
eJPT โ€” INE / eLearnSecurity Junior Penetration Tester
Google Data Analytics Data-driven security insights & analytics
IBM Cybersecurity Analyst Professional Certificate โ€” Coursera
Fortinet Certified Associate Cybersecurity Fortinet Certified Associate โ€” Cybersecurity Pathway
Google Cybersecurity Certificate Professional Certificate โ€” Coursera
Google IT Automation with Python Professional Certificate โ€” Coursera
Google IT Support Professional Certificate โ€” Coursera
AWS Certified CloudOps Engineer AWS Cloud Certification
Education
Bachelor of Information Technology
Duy Tan University
2015 โ€“ 2019