Johnson Thiang

Experience

My professional journey and educational background

Work Experience

Technical Lead
Bitdefender
Aug 2023 - Present
2 years 1 monthSingapore

Leading software and cloud security teams, developing backend solutions and detection/remediation for cloud misconfigurations. Researching security trends and best practices while serving as advisor on compliance standards.

Key Achievements:

  • Leading cross-functional security teams for enterprise solutions
  • Developed innovative cloud misconfiguration detection systems
  • Led AI automation and integration in compliance processes
  • Advisor on major compliance guidelines and standards such as ISO27001, SOC2, MAS-TRM, and PCI-DSS
  • Research and implementation of cutting-edge security practices

Technologies:

PythonAWSGCPAzureAlibaba CloudContainersServerless
Product Engineering Technical Lead
Horangi Cyber Security (a Bitdefender company)
Jul 2021 - Aug 2023
2 years 1 monthSingapore

Leading software and cloud security teams, developing backend solutions and detection/remediation for cloud misconfigurations.

Key Achievements:

  • Managed product engineering teams and technical roadmaps
  • Developed innovative cloud misconfiguration detection systems
  • Led cloud security initiatives across multiple platforms
  • Mentored engineering teams and junior security professionals

Technologies:

PythonTypeScriptAWSGCPAzureContainersServerless
CyberOps Senior Consultant/Team Lead → Managing CyberOps Consultant
Horangi Cyber Security (a Bitdefender company)
Dec 2017 - Jun 2021
3 years 6 monthsSingapore

Progressed from Senior Consultant/Team Lead to Managing Consultant, performing network and application penetration testing, red teaming operations, and leading cloud security initiatives while managing cybersecurity operations and consulting services.

Key Achievements:

  • Advanced from Senior Consultant/Team Lead to Managing Consultant
  • Led penetration testing and red teaming operations
  • Conducted comprehensive cloud security assessments
  • Managed multiple client security engagements simultaneously
  • Led EV charger security assessment project
  • Conducted SAST and SSAT security assessments
  • Provided strategic security consulting to enterprise clients
  • Provided technical pre-sales support and project management
  • Mentored interns and consultants

Technologies:

Burp SuiteCobalt StrikeMetasploitNmapWiresharkKali Linux
Associate → Consultant → Senior Consultant
Deloitte
Jan 2014 - Dec 2017
3 years 11 monthsSingapore

Progressed from Associate to Senior Consultant, conducting penetration testing, red teaming, security code reviews, and configuration assessments across diverse client environments including financial services and government sectors.

Key Achievements:

  • Advanced from Associate to Senior Consultant over 4 years
  • Conducted penetration testing for financial services and government clients
  • Performed security code reviews for enterprise applications
  • Delivered comprehensive security assessments and compliance reviews
  • Reviewed and secured network architectures
  • Mentored interns and consultants
  • Supported project management and client relationship management

Technologies:

Burp SuiteNessusCobalt StrikeMetasploitNmapWiresharkKali Linux

Education

Bachelor's Degree in Computing (Electronic Commerce)
National University of Singapore
2010 - 2014

Comprehensive computing education with specialization in electronic commerce, covering software engineering, cybersecurity fundamentals, and business technology integration.

Achievements:

  • Solid foundation in computer science and cybersecurity
  • Electronic commerce specialization
  • Technical and business integration expertise
Diploma in Computer and Network Technology
Singapore Polytechnic
2005 - 2008

Technical diploma focusing on computer systems and network technology, providing hands-on experience with networking infrastructure and security.

Achievements:

  • Graduated with Merit
  • Comprehensive networking and computer systems training
  • Foundation for cybersecurity career path

Certifications

AWS Solutions Architect - Associate
Amazon Web Services (AWS)
Issued 2022
Valid until Dec 2025
ID: N86KBCPKSJ1E1BCN
Offensive Security Certified Professional (OSCP)
OffSec
Issued 2017
Current
CREST Registered Penetration Tester
CREST
Issued 2021
Expired May 2024
ID: 75923449
CREST Practitioner Security Analyst
CREST
Issued 2018
Expired Aug 2021
GIAC Penetration Tester (GPEN)
GIAC Certifications
Issued 2015
Expired Mar 2019

Ready to collaborate?

With 11+ years of experience in cybersecurity and cloud security, I'm passionate about securing enterprise applications and leading innovative security teams.