Notable Work

Tools I’ve built for threat intelligence, detection engineering, and incident response, from internal CTI workflows to public investigation utilities.

CTI Platform

Heartbeat

Internal threat operations platform for news aggregation, geolocation mapping, ransomware tracking, and LLM-assisted monthly TI review workflows.

Threat Intel LLM Automation
Internal Tool
Detection Engineering

Huntsman

Agentic threat intelligence and hunting workspace using RAG over live sources and uploaded reports to build executable Sentinel/XDR hunt packages.

RAG Sentinel/XDR Hunt Packages KQL
Internal Tool
Threat Intelligence

ShadowPulse

Unified IP, domain, and hash investigation across VirusTotal, Shodan, GreyNoise, and AbuseIPDB.

FastAPI Security tooling
View live tool β†’

Work Experience

Incident Responder

Oct 2025 – Present

EY

Support incident response engagements across triage, scoping, containment advisory, evidence coordination, and forensic artifact analysis. Manage CTI workflows, mentor analysts, and build internal tooling for threat operations and detection engineering.

IR Forensics CTI X-Ways Magnet AXIOM FTK Imager Arsenal Image Mounter OpenCTI KQL/SPL

Software Engineer Intern

May – Aug 2024

LandingPad

Improved UI/UX resulting in 25% increase in user engagement. Redesigned frontend components using Tailwind CSS, Liquid (Shopify), and JavaScript. Integrated Shopify with QuickBooks.

UI/UX Tailwind CSS Liquid JavaScript Shopify

SOC Analyst Intern

Dec 2021 – Aug 2022

Ensign InfoSecurity

Triaged 300+ security alerts using SIEM and CrowdStrike EDR, produced threat intelligence reports, and identified 50+ client-specific vulnerabilities from underground forums and feeds.

SOC Alert Triage CTI SIEM CrowdStrike

Cyber Security Specialist

Dec 2018 – Aug 2021

Digital Intelligence Service Β· Seconded to Cyber Security Agency of Singapore

Pioneer batch of Cyber Specialists conducting threat hunting, SOC monitoring, and digital forensics for government cyber operations and Critical Information Infrastructure environments.

Threat Hunting SOC Splunk QRadar Forensics

Full Stack Developer Intern

Dec 2017 – Feb 2018

Henderson Security Services Pte Ltd

Completed various full-stack development tasks during internship.

Full Stack Web Development

Skills & Tooling

IR & Forensics

Triage, containment, root cause analysis, X-Ways, Magnet AXIOM, FTK Imager, Arsenal Image Mounter

Threat Intel & Hunting

OSINT, underground forum analysis, CVE analysis, threat actor profiling, detection engineering

SIEM & EDR

Splunk SPL, Microsoft Sentinel KQL, QRadar, CrowdStrike, OpenCTI

Development

Python, JavaScript, FastAPI, Claude, Gemini, OpenAI, RAG workflows, LLM integration

CTF Competitions

BrainHack CDDC 2023

Cyber Defenders Discovery Camp - National cybersecurity competition

Top 6% 2023
Read writeup β†’

Grey Cat The Flag 2022

NUS Greyhats annual CTF competition

Top 25% Top Writeup 2022
Read writeup β†’

Certifications

Blue Team Level 1 (BTL1)

Security Blue Team certification for junior Security Analysts

Blue Team Verified
Verify badge β†’

Certified Ethical Hacker (CEH)

EC-Council certification for ethical hackers

Red Team Verified
Verify badge β†’