Phyo WaThone Win
Yangon
Summary
Certified cybersecurity professional with extensive experience in penetration testing, vulnerability management, and cybersecurity training. Proven track record in enhancing security measures for various organizations, including financial institutions and educational institutions. Recognized for contributions to security research and acknowledged by multiple prestigious organizations.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Freelance Bug Bounty Hunter and Pentester
09.2021 - Current
- Conducted application, website, API, and network penetration testing on platforms like Bugcrowd and Hackerone.
Instructor and Freelance Pentester
ALFA Network Security
01.2021 - Current
- Conducted penetration testing and cybersecurity courses.
- Provided ethical hacking services and penetration testing.
IT Security Specialist (Pentesting - Supervisor)
AYA Bank
08.2023 - 03.2024
- Conducted vulnerability assessments and penetration testing for systems, networks, and applications.
- Ensured PCI DSS compliance and created vulnerability assessment reports.
- Collaborated with the SOC team to address cybersecurity incidents and implemented SIEM solutions.
Cyber Security Analyst
ONOW Myanmar
07.2022 - 08.2023
- Developed and implemented device and password security policies.
- Conducted phishing tests and social engineering assessments.
- Performed internal and external penetration testing and vulnerability management.
- Provided user awareness training on cybersecurity best practices.
- Remote
Instructor
Lat Twae Space
11.2022 - 05.2023
- Delivered training courses on cybersecurity and Linux.
Freelance Penetration Tester and Ethical Hacker
04.2018 - 08.2022
- Performed penetration testing for Android, network, and websites.
- Provided detailed reports and received acknowledgment letters from clients.
Networking, ITPEC & Security Lecturer and Pentester
M.S.T (Myanmar Skill of Technology University)
01.2020 - 07.2022
- Conducted training courses on computer systems, ITPEC, CEH, and cybersecurity.
- Provided hardware and software troubleshooting, network installation, and maintenance.
- Performed penetration testing and vulnerability assessments.
Education
Higher National Diploma (SQA, UK) - Computer Science
M.S.T College
01.2019
B.Sc (Hons) - Cyber Security and Networking
University of Central Lancashire (UCLan)
02.2023
Skills
- Expertise in security assessments
- Manual code review expertise
- Proficient in vulnerability assessment software
- Proficient in analyzing source code: Python, Bash
- Knowledge of PCI-DSS standards
- Familiarity with MITRE ATT&CK and OWASP frameworks
- Experienced in managing multiple operating systems: Unix, Linux, Mac, and Windows
- Skilled in utilizing Elastic and TrendMicro for security operations
- Effective communication strategies
- Bug bounty program participation
Certification
- Certified Red Team Professional (CRTP)
- Certified Mobile Pentester (CMPen)
- Certified Red Team Analyst (CRTA)
- Multi-Cloud Red Team Analyst (MCRTA)
- Certified Mobile Application and Penetration Testing
- Practical Ethical Hacking
- ISO/IEC 27001 Information Security Associate
- Network Defences Essentials
- Digital Forensics Essentials
- Certified Network Security Specialist
References
- +959783555784, M.S.T Institute, Founder
- Maythu@onow.com, ONOW Myanmar, HR
- Tinhutunaung@ayabank.com, AYA Bank, Team Manager
Awards
- Singapore Government Technology Agency: Received swag for reporting high vulnerability.,
- U.S. Department of Homeland Security: Listed in Security Hall of Fame.,
- U.S. Department of Labor: Listed in Security Hall of Fame., State of California Government: Listed in Security Hall of Fame.,
- U.S. Department of Defense: Listed in Security Hall of Fame.,
- U.S. Government Records Community (National Archives Government): Certificate of Security Acknowledgement Letter.,
- U.S. Department of Education (DoED): Security Certificate of Recognition.,
- NASA: Listed in Security Hall of Fame., Google: Received monetary reward and listed in Security Leaderboard., Binance: Received bounty and listed in Security Hall of Fame.,
- SANS: Listed in Security Hall of Fame.,
- EC-Council: Listed in Security Hall of Fame and received appreciation certificate.,
- Trend Micro: Listed in Security Researcher Hall of Fame.,
- IBM: Listed in Security Hall of Fame.,
- Dell: Received reward for reporting vulnerability.
Timeline
IT Security Specialist (Pentesting - Supervisor)
AYA Bank
08.2023 - 03.2024
Instructor
Lat Twae Space
11.2022 - 05.2023
Cyber Security Analyst
ONOW Myanmar
07.2022 - 08.2023
Freelance Bug Bounty Hunter and Pentester
09.2021 - Current
Instructor and Freelance Pentester
ALFA Network Security
01.2021 - Current
Networking, ITPEC & Security Lecturer and Pentester
M.S.T (Myanmar Skill of Technology University)
01.2020 - 07.2022
Freelance Penetration Tester and Ethical Hacker
04.2018 - 08.2022
B.Sc (Hons) - Cyber Security and Networking
University of Central Lancashire (UCLan)
Higher National Diploma (SQA, UK) - Computer Science
M.S.T College
Similar Profiles
Xander BiolloXander Biollo
Babysitter at NABabysitter at NA
CLÉLIA CROZE-LABBECLÉLIA CROZE-LABBE
Baby sitter at NABaby sitter at NA
Priscila TeixeiraPriscila Teixeira
Babysitter at NABabysitter at NA
Alexandre DarneAlexandre Darne
Baby Sitter at NABaby Sitter at NA
Thiha AungThiha Aung
Senior Full Stack Developer at Beary Cloud TechnologiesSenior Full Stack Developer at Beary Cloud Technologies