Sep 2021 – Feb 2023 · 1 yr 5 mos

May 2019 – Sep 2021 · 2 yrs 4 mos

Mar 2018 – May 2019 · 1 yr 2 mos · Mountain View CA

• "MORE than a journey" MORE... than a taxi company - making the glocal sharing economy "mission impossible" possible, green and sustainable, humane and friendly, socially responsible and culturally aware, one city at a time...
• leading DiDi's infosec operations to propel DiDi's go-global strategy and safeguard international business growth;
• leveraging the phenomenally sophisticated state-of-the-art mostly inhouse-developed technology stack and security stack to power DiDi International's cyber visibility and control operations
• go DiDi, go glocal - think AND act globally AND locally anytime anywhere!

Jul 2016 – Jun 2020 · 3 yrs 11 mos · San Francisco Bay Area

• Update - closed down cyber consulting services in mid-2020 due to COVID pandemic, continuing high tech startup and real estate investing
• Helix Cyber Consulting key services:
• enterprise ITSec/cloudSec: program/function/service strategy and roadmap, technical architecture and framework, hands-on engineering and operationalization; DevOps and DevSecOps
• productSec: sdlc/DevSecOps training, product design and implementation security, product red team program development
• security product: cybersecurity stealth mode and early stage technology evaluation, advisory board; PoC/PoV; GTM strategy; technical security marketing
• clientele examples:
• a Fortune Global 100 hi-tech giant
• a big data analytics SaaS CSP
• a leading biz intel SaaS CSP
• a public crowd-funding online and offline SP
• a global travel and transportation online service provider
• multiple cybersecurity technology startups
• deliverable examples:
• for an online service provider: CISO office strategy and function design, program development, team recruiting and leadership
• for a Fortune Global 100 tech giant's Cloud Division: cloud security white paper for the relaunch of its fast-expanding IaaS/PaaS business, cloudSec service R&D strategy and GTM strategy, presentation and live panel at annual customer conference, key contributor to 7-to-10-figure-level network/system/security product sales and solution engagements, stewardship of product security testing industry best practices
• for 2B and 2C SaaS CSPs: SaaS technology stack with built-in full-stack security, WAF and anti-DDoS deployment for an API-driven client-SaaS platform env, app whitelisting, NGFW architecture, DevSecOps methodology design and toolchain implementation, crowd-sourced continuous security testing program design and implementation
• security technology (products and services) PoC/PoV evaluation methodologies and reports
• security awareness trainings, cloudSec trainings
• security ecosystem partnership and joint GTM strategy

Jul 2013 – Oct 2016 · 3 yrs 3 mos · nameless new jedi order behind FEYE five strategic imperatives

• joining the Force,
• transforming cyber security detection and response,
• protecting the universe from within the order...
• let time be the witness of our saga "to infinity and beyond"
• IT security visibility and control framework, technology selection, design, implementation and operationalization: mdm, vuln mgmt, mtp, etp, wsg, waf/ddos, cloudsec, nac, trust framework
• product security and code protection standard, program and framework
• fireeye@fireeye program, security technology ecosystem partnership and growth

Oct 2011 – Jul 2013 · 1 yr 9 mos

• de-certified security free-thinker, mindshift instigator, status-quo change agent: security strategy, architecture and operations maturity through SMART metrics
• full-throttle antidote injector against enterprise and online hosting infrastructure threats / vulns
• trust framework candle holder: trust framework design and implementation for internal online hosting provider, private clouds, and enterprise networks,
• data center security guard dog: major defense feats against the Anonymous and intellectual property violators
• emerging threats surveillance platform and drone
• defcon responder
• subversium neutralizer
• media content illuminator
• security vendor bomber: why? "the emperor has no clothes," yet his bay-to-breakers continue the march...

Mar 2006 – Sep 2011 · 5 yrs 6 mos

• sdlc aficionado: agile security development lifecycle design, implementation to operations
• crypto key panhandler: pki, hsm, key rotation, asymmetric/symmetric crytpo system design and development
• drm monger: digital right management system design, development and operations
• product ir ops: entire product line's product vulnerability and incident response program management
• 99.999 uptime guard: high scalability high availability infrastructure design
• time travel couch potato: timeshift, live-to-vod, digital video recorder IPTV feature design and development
• frequency hopper: WiFi channel hijack for IPTV streaming optimization
• ultimate anti-cert: all my certs left expired, the self re-realized and en route to self-fulfillment, masterhood never, there's only one yoda

Apr 2002 – Mar 2006 · 3 yrs 11 mos

• infrastructure security watchdog / black ops
• netsec architecture bugle boy / plumber / salesman
• c1sc0nian gmail id since may 2004
• ccsa, ccse certified 2003

Oct 1998 – Jun 1999 · 8 mos

Jul 1995 – May 1999 · 3 yrs 10 mos

• research assistant, bibliographer for Professor Jeffrey Riegel for the first English translation of "The Annals of Lü Buwei" (Lüshi Chunqiu 呂氏春秋) and for his research on the Analects of Confucius (Lun Yu 論語);
• teaching assistant and tutor, upper-level Chinese Literature courses

Jul 1998 – Dec 2000 · 2 yrs 5 mos

• .com network plumber
• c1sc0kid [at] yahoo
• garage router rack night oil burner
• cisco cert advocate / instructor
• mcp, mcse certified 1999
• ccna, ccnp certified 2000

Jan 1998 – Apr 2002 · 4 yrs 3 mos

• not-so-ethical hacker
• know-it-all routing/switching/firewalling/wifi netsec sme, pac northwest
• infosec audit token boy
• cissp #24000 certified 2001
• cisco ccie written passed 2001
• cisco css1 certified 2002
• sun solaris scsa/scna certified 2002

Jan 1995 – Jan 1995 · 0 mo · america

• fob from beijing
• new dream chaser

Aug 1991 – Jun 1995 · 3 yrs 10 mos