Kenneth Tan
Yong Huat
yet another backend person
Me, pictured in the wild
I love engineering, and my work has revolved around making things secure and efficient. I've been in roles where I tackle security in development and work on infrastructure. In my journey, I've encountered challenges, and I use those experiences to create new and better ways of doing things, both in my job and personal projects.
Right now, I'm really into developing new skills, especially in areas like infrastructure-as-code and automation. I believe in the power of code to manage and define infrastructure, making things smoother and scalable. Automation is another big interest—finding ways to make processes work seamlessly and reliably.
I'm all about the DevSecOps approach, bringing together development, security, and operations. It's not just about fixing security issues; it's about building a culture where security is part of every step in creating something new.
I see every challenge as a chance to grow, and my goal is to contribute to a world where systems are not just efficient but also really secure. As technology keeps changing, I aspire to keep learning and pushing to make things better, believing that innovation is key to moving forward in the digital age.
Experience #
Senior Cybersecurity Engineer #
ExpressVPN (Full-time)
January 2023 — Present
Initiated and executed the establishment of a cutting-edge cloud-based data lake architecture utilizing the AWS ecosystem.
Introduced monorepo concepts, associated tooling, and workflows to enhance discoverability and visibility.
Developed and tested diverse continuous integration (CI) workflows, along with accompanying scripts and tooling, supporting DevSecOps initiatives, encompassing sanity checks, artifact builds, SAST preflight scans, and deployment.
Spearheaded the assessment of SonarCloud SAST for its effectiveness in identifying known issues within our products.
Infrastructure Focus #
Alt-Tab Labs LLP (Co-Founder)
May 2019 — Present
Designed and implemented a proprietary and highly adaptable Capture The Flag (CTF) platform using Golang.
Managed end-to-end deployment and maintenance of custom CTF platforms for prominent local events, including CSIT's Cyberthon and The InfoSecurity Challenge (TISC) spanning 2019-2023, DSTA's Cyber Defenders Discovery Camp (CDDC) in 2019-2020, GovTech's Inaugural STACK the Flags in 2020, and SMU's WhiteHacks@SG from 2019-2022.
Orchestrated successful CTF experiences for over a thousand participants in each event.
Operations Coordinator #
Grab Singapore (Part-time)
August 2022 — September 2022
Managed and expanded functionality of GrabRental's Self-help Portal and Benefits system.
Offered guidance to junior team members regarding project considerations and development best practices.
Ensured the stability and health of service deployments.
Software Engineer #
Grab Singapore (Intern)
June 2022 — August 2022
Enhanced GrabRentals Benefits Programme (GRNavigate) by extending capabilities through a gRPC Go-based service.
Implemented a policy-based methodology for benefit tabulation in alignment with business rules.
Additionally, created a TypeScript Client library to facilitate seamless connectivity with the Benefits service.
DevOps Engineer #
GovTech Singapore (Intern)
February 2020 — September 2020
Conceptualized an integrated infrastructure-as-code development consisting of multiple complementary tools to achieve reproducible and resilient infrastructure.
Security Engineer #
Singapore Armed Forces (Full-time)
September 2014 — May 2019
Extensive work experience encompassing roles as a SOC Analyst, DFIR First Responder & Analyst, Vulnerability Assessor, and Capability Developer.
Demonstrated initiative by creating and implementing an in-house monitoring tool, resulting in a significant 60% time-saving compared to existing tools.
Additionally, played a key leadership role in designing and developing the simulated internet and enterprise environment for Cyber City, publicly unveiled in February 2019.
Certifications #
Business Continuity Certified Foundation (BCCF) #
Business Continuity Management Institute (BCM Institute)
April 2013 — June 2018
Credential ID 4051-BCCF-20180630
Educations #
BSc. Information Systems Management #
Singapore Management University
August 2019 — July 2023
No description
Diploma in Digital Forensics #
Temasek Polytechnic
April 2011 — March 2014
Engaged in diverse extracurricular activities and societies from 2011 to 2013, including active participation in GovWare (Singapore Cyber Conquest) and serving as a student delegate at various events such as GovWare, Information Security Seminar, and CyberSecurity & CyberTerrorism Conference.
Additionally, contributed as a Student Helper at All 'Bout Security, volunteered at SyScan, participated in AirRaid 4@Singapore Poly, represented as a Student Delegate at CACS/ISRM - ISACA, and attended the DSTA Cyber Defenders Discovery Camp.