Professional Summary
Experienced cybersecurity professional with 5+ years specializing in Digital Forensics &
Incident Response (DFIR), threat hunting, and malware analysis. Proven track record in
leading enterprise-level incident response engagements, building detection engineering
pipelines, and reverse engineering advanced persistent threat (APT) malware. Holds globally
recognized certifications (CHFI, JNCIA, eJPT) and a strong background in SIEM engineering,
threat intelligence platforms, and adversary simulation. Passionate about reducing dwell time
and strengthening organizational cyber resilience.
Professional Experience
Cyber Security & DevOps Engineer
Outpost24
July 2018 – Present · Remote
- Deployed and operated SaaS security platforms specializing in Security Monitoring, Incident Response,
and Threat Hunting.
- Conducted Vulnerability Assessment and produced Threat Intelligence Reports for enterprise clients.
- Bridged DevOps and cybersecurity practices to ensure continuous security integration in CI/CD pipelines.
Offensive Security Researcher
Government Organization · Vietnam
2018 – Present
- Specializing in Threat Hunting, Incident Response, and Threat Intelligence across government and
enterprise environments.
- Conducted red team operations and adversary emulation to assess and strengthen national-level security
posture.
- Produced classified threat intelligence reports aligned with the MITRE ATT&CK framework.
Cloud & Infrastructure Engineer (AWS)
NashTech
November 2025 · Freelance
- Provided cloud deployment, infrastructure support, and network engineering services on AWS environments.
- Implemented secure, scalable cloud architectures aligned with the AWS Well-Architected Framework.
Cloud & Infrastructure Engineer (AWS)
GoTyme X
March 2018 – September 2021
- Designed, implemented, and managed secure and scalable network solutions on AWS Cloud.
- Ensured high availability, performance, and operational reliability of cloud-hosted financial services.
- Collaborated with security teams to enforce IAM policies, VPC segmentation, and encryption standards.
Deployment Engineer
EI CO., LTD
October 2008 – April 2018
- Implemented and maintained NCR ATM systems including hardware deployment and network configuration.
- Provided troubleshooting and operational support for banking infrastructure across multiple sites.
- Coordinated with banking clients to ensure 99.9% uptime of ATM networks.
Technical Skills
Cloud Security (AWS/Azure)
Splunk / QRadar
Wireshark / tcpdump
Volatility / Redline
YARA / Sigma
IDA Pro / Ghidra
MISP / OpenCTI / ThreatQ
CrowdStrike / SentinelOne
Velociraptor / KAPE
MITRE ATT&CK
Autopsy / FTK
CAPE / Cuckoo
KQL / SPL
Nmap / Metasploit
Git / Linux / Windows
Key Projects & Research
Ransomware Incident Response Simulation
Full-lifecycle IR engagement: initial triage, network containment, forensic
acquisition (RAM + disk), decryption key analysis, and root-cause mapping to the MITRE ATT&CK framework.
Delivered executive report + technical remediation plan.
Ghidra · KAPE · Velociraptor · Volatility · ATT&CK Navigator
Threat Intelligence Feed Automation
Designed enriched IOC pipeline from OSINT sources + MISP, integrated with Splunk
SIEM. Achieved <20 min threat-to-detection (TTD) for APT infrastructure indicators.
Python · MISP · ThreatQ · Splunk · VirusTotal API
Malware Analysis Sandbox
Built automated dynamic analysis workflow using CAPE/Cuckoo + static unpacking
pipeline. Produced YARA rules deployed for in-the-wild sample detection across the SOC environment.
YARA · CAPE · IDA Pro · Python · x64dbg
Certifications & Credentials
CHFI v10 — EC-Council
Computer Hacking Forensic Investigator
JNCIA-Junos — Juniper Networks
Juniper Networks Certified Associate
eJPT — INE / eLearnSecurity
Junior Penetration Tester
Google Data Analytics
Data-driven security insights & analytics
IBM Cybersecurity Analyst
Professional Certificate — Coursera
Fortinet Certified Associate (NSE)
Fortinet Network Security Expert
Google Cybersecurity Certificate
Professional Certificate — Coursera
Education
Bachelor of Information Technology
Duy Tan University
2015 – 2019