I have over 6 years of experience as a security engineer and 2 years of experience as a developer. Working as a security group leader under a start-up achieved IPO, I have a solid deep experience in driving and implementing security policies which maximize business opportunities.
Leading company-wide initiatives, transformations, and various aspects of Information Technology Security and Governance for Japan
- Leading a team of 8 full time and 2 subcontracts
- Increased efficiency of operation while saving 10% of budgets
- Building a strategic plan by combining a guideline from the Japanese Financial Services Agency and Cyber Security Framework from NIST.
- Utilizing AzureAD, Intune, Jamf, AWS, and others for the purpose of automated internal systems
- Enabling 100+ members on enabling remote works in safe and convenient manner
- Associated with external organizations, such as JPCERT/CC, 金融ISAC, and OpenID Foundation, for building next-gen policies
• Implemented security policy, standard, procedures in preparing for the IPO.
• Architected and implemented the overall company’s internal system including id management systems, device management, password management, endpoint protection, RBAC, networks, and more.
• Conducted Web vulnerability assessments for our Web apps and API endpoints mainly using BurpSuite. While doing the assessment by ourselves, private bug bounty program has been run.
• Implemented automation tools for automating daily system administrator’s operations.
- Handled Incident response for multiple companies across industries, including one of the largest financial institution in Japan.
- Built and deployed various network-based security appliances such as Juniper SSG, SourceNext(Snort), BIG-IP(ASM), focusing on improving web-based security while maintaining availability, fault tolerance.
- Managed logs collection scheme and built collelated analysis in ArchSight(SIEM) in order to carry out SOC(SecurityOperationCenter).
• Developedaneasy-to-installcloudbasedWAFserviceusingIncapsula.