KHIN NYEIN CHAN KO KO
Cyber Security, Cloud Security
Summary
Results-driven IT professional with notable success in planning, analysis and implementation of security initiatives. Hardworking and passionate job seeker with strong resilience and can do attitude.
Certified in Cloud Security and Google Cloud Associate.
Overview
8
8
years of professional experience
2
2
Certifications
Work History
Cyber Security Senior Analyst
Citibank N.A Singapore
2 2024 - 6 2024
- Perform security monitoring, assessment and analysis on events generated by Intrusion Detection/Prevention tools, anomaly detection systems, antivirus and EDR systems, email security gateway, proxy devices, cloud security solution, data leakage prevention system via SIEM
- Involve in a continuous effort to improve SOC process
- Undertakes root cause analysis of events, perform risk assessment on threat or vulnerability and make recommendations to improve detection capability
- Make a continuous effort to review and fine tune detection rule/use case/signature to reduce unnecessary noise and increase alert fidelity
- Handle threat incidents calls like DDOS incidents, adhoc high severity cases including collaboration and escalation to other support groups
- Participate in daily and adhoc conference calls, self-assessment processes and documentation related tasks.
- Participate in Cyber Drill Table Top exercise
- Participate in vendor product related CTF
Cyber Security Analyst
Deutsche Bank Pte Ltd
08.2021 - 02.2024
- Monitor, manage alerts and incidents from the SIEM or other channels at all phases (triage, investigate, mitigation, close case)
- Handling of security tickets and work together with appropriate teams
- Support SOC incident manager in incident handling
- Involve in incident management and management reporting
- Create and update playbooks and procedures documents
- Search and identify patterns of compromise, emerging threats and evidence of breach
- Fine Tuning and evaluating cloud use cases
- Act as SME for cloud use cases, testing and sign off
- Work with DFIR and MR to do further analysis during an incident.
Assistant system engineer
Singapore Airlines Pte Ltd
08.2016 - 08.2021
- Conduct security compliance reviews of IT systems, network and core systems
- Process and manage IDs and access
- Manage the information security document repository
- Assist in information security project management, including technical discussions and solving technical issues
- Assess, review and follow-up on security alerts and events
- Support and coordinate information security incident investigations
- FireEye email security administration and end user support
- Privilege Access Management administration
- Assist in information security awareness activities such as write-ups, briefing etc
- Conduct SIA group wide security awareness phishing email campaigns
- Involved in implementation of security alert page (Keeping your data safe) and Security awareness advisory for public in SIA website
- Involved in taking down of fraudulent websites impersonating SIA websites (Brand abuse service)
- Administer Cyber Benchmarking
- Reporting and Tracking of Patching activities
- Coordinate and liaise with external vendors for troubleshooting issues, implementing of new features and investigation of incidents
- Assist and support in educating end users about information security
- Management reporting and operational tasks as assigned
- End user support and operational support for Sentinel One
- Led revamp of Information Security Awareness Course
- Led BitLocker Encryption project
- Led simulated phishing email services project
- Major projects that I led - Messaging Threat Protection (project life cycle), Active Directory Security Monitoring (project life cycle)
- Partially involved in Advanced Threat Protection (SOAR)
IT Security Analyst
Keppel Fels Pte Ltd
8 2015 - 4 2016
- Routine monitoring of security events and alerts
- First and second level incident response to security alerts and incidents
- Administer security monitoring and other systems
- Involve in Splunk Windows log source configuration
- Technical guideline and compliance verification
- Monitor, alert and advise on threat, vulnerabilities, and administer FireEye system.
Security Analyst / Senior Security Analyst
NCS Pte Ltd
7 2012 - 7 2015
- Provide 24x7 Internet Security Surveillance
- Security Incident Management and Escalation
- Assists in detection and resolution of problems caused by security incidents
- Generating reports as per contract requirements
- Provide first level troubleshooting of Serviced Devices
- Assist during troubleshooting
- Perform log analysis of Serviced Devices
- Review of security updates
- Perform change request from configuration change and customers' issues
- Keep Serviced Devices software up to date
- Report on assigned operational tasks to Team Lead
- Generating reports as per customer contract requirements
- Preparing monthly incident reports
- Liaise with customers on security intrusions and provide remedial action
- Guide and Train junior SAs
- Conduct Interviews.
Education
University Degree - Cyber Forensics, Business Information Systems, Information Security Management
Murdoch University
Polytechnic Diploma, University Degree - Cyber Forensics, Business Information systems, Information Security Management, Cyber Forensics, Business Information systems, Information Security Management
Republic Polytechnic, Murdoch University
Skills
Vulnerability Assessment
Data Loss Prevention
Incident Response Planning
Security Awareness Training
Social Engineering Defense
Security Information and Event Management
Digital Forensics
Incident Response
Cloud Security
Data Encryption
Network Security
Intrusion Detection
Incident Management
DDoS prevention
Patch management
Procedure Documentation
Qualys Cloud Platform
Certification
Certified Cloud Security Professional
Additional Information
Splunk Fundamentals Part 1, Splunk Fundamentals Part 2, Google Cloud Associate Engineer (GCP ACE), Certified Cloud Security Professional (CCSP), Airside Safety Certification by CAG, Airline Industry Certification by SIA, Data Driven Decision-Making Certification by NUS ISS, Business Analysis for Agile Practitioners by NUS ISS, LITA Lean IT Foundation by NUS ISS, Fluent in spoken and written English and Burmese
References
Available upon Request
Timeline
Certified Cloud Security Professional
02-2023
Google Cloud Associate
04-2022
Cyber Security Analyst
Deutsche Bank Pte Ltd
08.2021 - 02.2024
Assistant system engineer
Singapore Airlines Pte Ltd
08.2016 - 08.2021
Cyber Security Senior Analyst
Citibank N.A Singapore
2 2024 - 6 2024
IT Security Analyst
Keppel Fels Pte Ltd
8 2015 - 4 2016
Security Analyst / Senior Security Analyst
NCS Pte Ltd
7 2012 - 7 2015
University Degree - Cyber Forensics, Business Information Systems, Information Security Management
Murdoch University
Polytechnic Diploma, University Degree - Cyber Forensics, Business Information systems, Information Security Management, Cyber Forensics, Business Information systems, Information Security Management
Republic Polytechnic, Murdoch University