Myeong seok, Bryan, Cha
Details
Block
Staff Platform Security Engineer, Information Security
•Enable DevSecOps to ensure applications are secure by adding continuous security validation to the CI/CD pipeline
•Application penetration test, Static code review, Vulnerability management of Docker container images and AWS VPC architecture
•Build AWS technical security standard and design the security design of AWS application migration projects
•Developed an in-house real-time threat intelligence management solution to automate the threat hunting workflow
2017 : 2019
Ellie Mae
Staff Engineer, Information Security
·Built Information security operations team including incident response, computer forensics and investigation, security tool engineering, and system operation
·Built the SOC and in-house security monitoring workflow automation and computer forensics lab
·Enabled the data analytics driven detection based on the Big data platform
·Enabled the intelligence driven detection for the endpoint security and network anomaly detection
·Developed the AWS security monitoring including CloudTrail and configuration audit
·Automated Incident response processes including the incident response workflow and Incident management system
·Delivered the computer forensics and investigation
2015 : 2017
Human Longevity, Inc.
Information Security lead
-Building the enterprise computer forensic program to support the critical threat response and legal cases
-Implemented the host forensic technology for data centers and corporate user environment based on the EnCase enterprise and FTK
-Implemented the cloud forensic technology for the hypervisor virtual machines in the data centers
-Implementing the network forensic technology for a search capability of the network flow data and transaction data
-Implemented the malware reversing technology to analyze unknown malware leveraging the targeting attacks
-Building the forensic program processes and partnership with the corporate security, privacy team, and legal team
2014 : 2015
Intuit
Staff Engineer, Information Security
•Security Incident Response lead at eBay CERT (Computer Emergency Response Team)
•Responsible for the forensic program covering eBay Inc. and PayPal, providing forensic service and malware analysis service
•Design and build the eBay intelligent security operation center (iSOC), providing visual intelligence identifying persistent threat activities along the kill chain
•Develop network-based extrusion detection through traffic data analysis including full packet contents, session data, and event metadata
•Designed eBay cloud security monitoring for eBay PaaS including log management, monitoring structure, and incident response
•Deployed the SIEM(Security Information Event Management) to collect various security events for the event correlation analysis
•Developed the anti-DDoS structure, which can cover L4/L7 DDoS attacks, of the eBay Korea production network based on an L7 load balancer and packet filtering
•Responded to crucial national DDoS attacks, including the 7th July 2009 DDoS attack and the 4th March 2011 DDoS attack, which used HTTP GET flooding
•Carried out the forensic analysis of the compromised systems to support the eBay litigation team since the lawsuit was filed by 2078 victims out of the 20 million victim group
•Joined eBay to investigate the eBay Korea PII data breach, in which the data of 20 million members in the production DB was exfiltrated by Chinese hackers in 2008, and implemented multi-million remediation projects including network security, DB security, and Web application security
2008 : 2014
eBay
CERT team lead, Global Information Security
About
•Information security professional with seasoned experience in building Information security engineering and operations including computer incident response, forensics, DevSec Ops, and software engineering at Block(Square), Ellie Mae, Human Longevity Inc., Intuit, eBay/PayPal, National Computer Emergency Response Team (CERT), Carnegie Mellon University, Antivirus Software Company, and Managed Security Service (MSS) provider
•Expertise in computer forensics and artifact analysis for incident response and litigation support, and in designing and implementing the national SOC (Security Operation Center), eBay intelligence SOC, and eBay PaaS cloud security monitoring
•Software engineering in Intrusion Detection System (IDS), SIEM (Security Information and Event Management), Next-gen Anti-virus, Incident Response Workflow Automation, Secure OS (Operating System) and Big data (BigQuery, Cloud Dataflow, Cloud Composer, Pub/Sub, Kinesis, SQS, SNS)
•Cloud security in AWS, GCP and Kubernetes
•Certificates: CISSP, CISM, Computer Information System Auditor(KCISA), Information Technology Professional Engineer(ITPE), CCNA, Splunk power user, Swimlane SOAR Administrator, Swimlane SOAR Developer
•Author of the IT engineering book (Network and Information security domain, Theory and best practices for the IT professional engineers)
•Computer languages: Java, Ruby, Python, Go, C, C++
Specialties: Computer Forensic, Incident Response (CSIRT), Intrusion Detection, Artifact analysis, DDoS, Software engineering, Cloud technology, AWS security, GCP security, Kubernetes security, Threat hunting, Penetration test, Security orchestration automation response