May 2017 – Jan 2019 · 1 yr 8 mos · Malaysia

• Led incident response, digital forensics, threat hunting, and compromise assessment engagements, providing hands-on technical leadership across proactive and reactive scenarios.
• Designed and maintained IR and DFIR policies, SOPs, and operational procedures, strengthened consistency, readiness, and execution quality across engagements.
• Led threat intelligence and hunting initiatives, correlating adversary activity with attack vectors and translating findings into actionable mitigation recommendations.
• Established and led SOC detection and automation capabilities, designing detection logic, workflows, and response processes, and applying advanced data analysis and correlation techniques to improve detection accuracy, investigation efficiency, and response effectiveness.

Apr 2016 – Apr 2017 · 1 yr

• Managed multiple cybersecurity engagements, including vulnerability assessment and penetration testing (network, application, OS), incident response, digital forensics, and security risk assessment for enterprise and regulated clients.
• Led advanced incident response and digital forensics investigations, performing root cause analysis and supporting containment and remediation for clients in the financial, banking, and telecommunications sectors.
• Developed and customized scripts, applications, and technical tooling to support advanced threat monitoring and vulnerability management, contributing to long-term, large-scale client engagements.
• Supported regional collaboration and capability development, contributing to the KPMG Cyber Academy and coordinating with APAC cybersecurity teams (including Australia and New Zealand) under the Strategic Growth Initiative (SGI).

Jan 2014 – Mar 2016 · 2 yrs 2 mos · Malaysia

• Subject Matter Expert leading cybersecurity and digital forensics teaching, research teams, and student communities, and contributing to core modules in cybersecurity, incident response, and digital forensics.
• Designed and delivered industry-aligned curricula, including course structures, lesson plans, lecture content, practical labs, assessments, and schemes of work in line with national and international quality assurance standards. Both for degree and master's level, based on the Malaysian Qualifications Agency (MQA)
• Implemented industry-based teaching strategies to bridge theory and real-world practice, improving student engagement, applied skills, and professional readiness.
• Research and industry collaborations, supervised final-year projects, and mentored students for national and international technical competitions.
• APU IEEE student branch founder and Counselor: Formation of APU IEEE Student Branch, Formation of APU IEEE Computer Society, Formation of APU IEEE Communication Society, Formation of APU IEEE Computational Intelligence Society, Organizing International IEEE Conference (SCOReD 2015).
• Founder of the first Malaysian ISACA student group at APU.
• Founder of the first Malaysian CompTIA Academy Partner at APU.

Apr 2012 – Dec 2013 · 1 yr 8 mos

• Coordinate with managing directors and C-levels to design cybersecurity strategies that align with BarbodTech group's core business goals and objectives.
• Provide technical cybersecurity roadmaps for new projects and products that balance innovation, security, and operability.
• Regularly reviews standard operating procedures and protocols to ensure the security unit continues to meet operational requirements effectively.
• Lead and manage complex security assessments and penetration testing to improve the cyber hygiene of BarbodTech group people, process, and technology.

Aug 2011 – Mar 2012 · 7 mos

• Define, plan, develop and manage BarbodTech Group information security risks management processes to safeguard all branches to perform the business mission.
• Define and develop up-to-date procedures and best practices in the security space of new products (hardware/software), features, framework components, and wireless infrastructure.
• Conduct proactive research to identify security threats that may affect BarbodTech products, applications, networks, and its client's infrastructure, along with operational action plans to minimize the impacts.
• Work with the internal stakeholders to translate complex information security issues into business risk followed by countermeasures.
• Develop threat models and verify the existing security mitigations strategies required for BarbodTech products and the clients

Jul 2010 – Jul 2011 · 1 yr

• Act as the primary security representative to the development and infrastructure teams and provide them with information security oversight.
• Work closely with hardware and software engineers on new product launches to understand each device's specific builds and needs to identify security issues early in the development cycle.
• Perform comprehensive research to document vulnerabilities, relevant exploits, and the attack surface for BarbodTech products, including hardware, applications, and frameworks.
• Formulate various security test cases to assess BarbodTech products' security based on the client's operational infrastructure.

Apr 2012 – Feb 2013 · 10 mos · Malaysia

• Contribute as a lead researcher to identify the new area of research in cybersecurity.
• Participate in scholarly activities as a member of the UM Security Research Group (SECReg), including research, publications, and conference presentations.
• Design and develop a comprehensive dataset using real-world Botnets for both mobile and computer networks.
• Formulate a machine learning-based Botnet/APT detection model with high accuracy for enterprise networks.

Oct 2006 – Nov 2007 · 1 yr 1 mo

• Plan, communicate, coordinate, and perform security assessments for network, application, and systems.
• Perform a continuous assessment to discover, validate, and document security issues in the company/client's networks.
• Execute security configuration review on company/client's systems and provide system hardening recommendations.
• Generate detailed configuration testing reports to discuss security issues, business risks, and potential countermeasures.

Jul 2004 – Sep 2006 · 2 yrs 2 mos

• Analyze the current network architecture and systems to identify the requirements and perform solutions, planning, and installation.
• Manage the network devices, servers, firewalls, and network performance monitoring to ensure the resilience of the current network environment.
• Provide network operation support, problem isolation, and troubleshooting.
• Design and implement security best practices for network and device configurations and hardening.

Apr 2003 – Jun 2004 · 1 yr 2 mos

• Perform ongoing server maintenance, including installing or upgrading hardware, software, and upgrades.
• Conduct problem diagnosis in resolving internet access and computer issues.
• Monitor and maintain network core solutions to ensure data consistencies.
• Research, review, and test new hardware, applications, and technology ideas applicable to different departments.

Aug 2002 – Mar 2003 · 7 mos

• Set up workstations, install, and configure the required software and applications.
• Schedule and perform network maintenance and system upgrades.
• Provide technical support for systems, networks, and data backup.
• Provide end-user technical support and issue resolution.