Resume (PDF): detailed CV for a SOC Tier 1 position.
I am a Junior Computer Science student at Ho Chi Minh City University of Technology (HCMUT), specializing in Cybersecurity and Security Operations (Blue Team). My approach bridges the gap between technical execution and business risk. Whether I am analyzing web vulnerabilities, designing network architectures, or building ML-based threat detection pipelines, my goal is to ensure continuous monitoring, rapid incident response, and actionable remediation.
Core Competencies:
- Threat Detection & Investigation: Identifying attack patterns, analyzing raw logs, and performing root-cause analysis.
- Risk Translation: Converting complex technical flaws into clear, actionable business risks using a Consultative Methodology.
- Security Architecture: Designing secure, segmented networks based on the CIA Triad and Defense-in-Depth principles.
- Languages: Python, C++, Bash, SQL (MySQL), PowerShell, HTML.
- SIEM / EDR & Monitoring: Wazuh, SentinelOne (Overview), Wireshark.
- Security Tools: Kali Linux, Metasploit, Burp Suite, Postman, Gobuster, Nmap.
- Network: Cisco Packet Tracer, VLAN, VPN, OSPF, ASA Firewall.
- Frameworks & Standards: OWASP Top 10, NIST, MITRE ATT&CK.
An end-to-end supervised machine learning pipeline engineered to detect phishing emails with 98.72% accuracy, focusing on behavioral resilience rather than easily evaded blacklists.
- Recall-First Optimization: Tuned XGBoost specifically to minimize False Negatives, recognizing that undetected threats are more critical than false alarms.
- Threat Intelligence: Engineered 54+ Indicators of Compromise (IOCs) across email headers, body sentiment, URL entropy, and macro-enabled attachments.
- Incident Triage: Conducted structured error analysis to document residual risks, enabling SOC analysts to triage alerts with deep behavioral context.
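Recall-first tuning, as described in the bullets above, comes down to choosing the decision threshold by a recall floor instead of accepting the default 0.5. The Go program below is an added illustration and not code from the project: the scores and labels are a constructed toy validation set, and the selection rule (the highest threshold that still meets a minimum recall, which is the one with the fewest false alarms under that constraint) is one standard way to do this, not necessarily the project's own.

```go
package main

import (
	"fmt"
	"sort"
)

// Scored is one email with the model's phishing probability and its true label.
type Scored struct {
	Score    float64 // classifier output in [0,1]; higher means more likely phishing
	Phishing bool    // ground truth
}

// Metrics is the confusion matrix at one decision threshold.
type Metrics struct {
	Threshold      float64
	TP, FP, FN, TN int
}

// Recall is the fraction of real phishing emails that were flagged.
func (m Metrics) Recall() float64 {
	if m.TP+m.FN == 0 {
		return 0
	}
	return float64(m.TP) / float64(m.TP+m.FN)
}

// FPR is the fraction of legitimate emails that raised a false alarm.
func (m Metrics) FPR() float64 {
	if m.FP+m.TN == 0 {
		return 0
	}
	return float64(m.FP) / float64(m.FP+m.TN)
}

// Evaluate flags every email with Score >= threshold and tallies the outcome.
func Evaluate(samples []Scored, threshold float64) Metrics {
	m := Metrics{Threshold: threshold}
	for _, s := range samples {
		flagged := s.Score >= threshold
		switch {
		case flagged && s.Phishing:
			m.TP++
		case flagged && !s.Phishing:
			m.FP++
		case !flagged && s.Phishing:
			m.FN++
		default:
			m.TN++
		}
	}
	return m
}

// RecallFirstThreshold returns the highest threshold whose recall still meets
// minRecall: the fewest false alarms achievable without missing more phishing
// than the SOC is willing to accept. ok is false if no threshold reaches the floor.
func RecallFirstThreshold(samples []Scored, minRecall float64) (m Metrics, ok bool) {
	// Candidate thresholds are the observed scores; the confusion matrix only
	// changes at those points.
	cands := make([]float64, 0, len(samples))
	for _, s := range samples {
		cands = append(cands, s.Score)
	}
	sort.Sort(sort.Reverse(sort.Float64Slice(cands)))
	// Recall never increases as the threshold rises, so the first candidate
	// (scanning from the top) that satisfies the floor is the answer.
	for _, t := range cands {
		m = Evaluate(samples, t)
		if m.Recall() >= minRecall {
			return m, true
		}
	}
	return Metrics{}, false
}

// SampleEmails is a constructed validation set, not real model output.
var SampleEmails = []Scored{
	{0.95, true}, {0.88, true}, {0.74, true}, {0.61, true}, {0.42, true}, {0.35, true},
	{0.05, false}, {0.10, false}, {0.22, false}, {0.30, false}, {0.38, false}, {0.55, false},
}

func main() {
	d := Evaluate(SampleEmails, 0.5)
	fmt.Printf("default 0.50: recall=%.2f fpr=%.2f missed=%d\n", d.Recall(), d.FPR(), d.FN)
	if r, ok := RecallFirstThreshold(SampleEmails, 1.0); ok {
		fmt.Printf("recall-first: threshold=%.2f recall=%.2f fpr=%.2f missed=%d\n",
			r.Threshold, r.Recall(), r.FPR(), r.FN)
	}
}
```

On the toy set the default threshold misses two of six phishing emails; a recall floor of 1.0 lowers the threshold to 0.35 at the price of two extra false alarms, which is exactly the trade the bullet above describes. Whatever threshold is chosen should be fixed on held-out data and then left alone, otherwise the reported recall is optimistic.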
A centralized documentation hub for vulnerability research, bridging the gap between technical exploits and strategic remediation.
- Advisory Approach: Every write-up follows a strict methodology: Reconnaissance → Exploit (PoC) → Root Cause Analysis → Business Risk Assessment → Remediation.
- Web Exploitation: Documented real-world scenarios including Arbitrary File Uploads leading to RCE, Error-Based SQLi, and Weak 2FA exposures.
- Actionable Reporting: Mapped findings to OWASP standards to provide code-level fixes and architecture-level defenses.
A secure, scalable 3-tier enterprise network design for a multi-site hospital system, simulated in Cisco Packet Tracer.
- Network Segmentation: Implemented strict VLAN isolation for Staff, Medical Devices, and Guests to limit lateral movement.
- Perimeter Defense: Configured Cisco ASA Firewalls, Access Control Lists (ACLs), and a dedicated DMZ for public web servers.
- Secure Communications: Deployed Site-to-Site and Remote-Access VPNs to simulate secure telehealth and remote administration.
Bonus Project: Secure IoT Data Pipeline via Blockchain
A security-first research prototype preventing IoT data forgery, tampering, and replay attacks.
- Cryptography: Implemented AES-256-GCM for authenticated encryption and ECDSA (secp256k1) for device non-repudiation.
- Data Integrity: Anchored cryptographic proofs on a local Ethereum EVM while storing raw payloads on IPFS.
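The device-to-collector half of the design described above, as an added Go example that is not the prototype's code: each reading is sealed with AES-256-GCM, the envelope is signed with the device's ECDSA key so the collector can prove which device produced it, and a per-device monotonic sequence number (bound into the GCM associated data and the signature) makes a replayed or re-labelled envelope detectable. It uses only Go's standard library, so P-256 stands in for the secp256k1 curve the prototype uses; the `Envelope` layout, the `Device` and `Collector` types, the error names and the device ID `sensor-01` are assumptions, and the Ethereum/IPFS anchoring is outside this snippet.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what a device transmits; the signature covers every other field.
type Envelope struct {
	DeviceID   string
	Seq        uint64 // per-device monotonic counter; the replay defence
	Nonce      []byte // 12-byte GCM nonce, fresh for every message
	Ciphertext []byte // AES-256-GCM output with the 16-byte tag appended
	Signature  []byte // ASN.1 ECDSA signature over digest()
}

// header is the GCM associated data; binding device ID and sequence number into the tag means a ciphertext cannot be re-labelled for another device or slot.
func (e *Envelope) header() []byte { return []byte(fmt.Sprintf("%s|%d", e.DeviceID, e.Seq)) }

// digest is what the device signs: SHA-256(header || nonce || ciphertext).
func (e *Envelope) digest() []byte {
	sum := sha256.Sum256(append(append(e.header(), e.Nonce...), e.Ciphertext...))
	return sum[:]
}

// newGCM builds AES-256-GCM; with a fixed 32-byte key neither constructor can fail.
func newGCM(key [32]byte) cipher.AEAD {
	block, _ := aes.NewCipher(key[:])
	aead, _ := cipher.NewGCM(block)
	return aead
}

// Device holds the symmetric key shared with the collector and its own signing key.
type Device struct {
	ID   string
	key  [32]byte
	priv *ecdsa.PrivateKey
	seq  uint64
}

// NewDevice generates a P-256 key pair (secp256k1 is not in Go's standard library).
func NewDevice(id string, key [32]byte) (*Device, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{ID: id, key: key, priv: priv}, nil
}

func (d *Device) PublicKey() *ecdsa.PublicKey { return &d.priv.PublicKey }

// Seal encrypts one reading under a fresh nonce and signs the envelope.
func (d *Device) Seal(reading []byte) (*Envelope, error) {
	d.seq++
	e := &Envelope{DeviceID: d.ID, Seq: d.seq, Nonce: make([]byte, 12)}
	if _, err := rand.Read(e.Nonce); err != nil {
		return nil, err
	}
	e.Ciphertext = newGCM(d.key).Seal(nil, e.Nonce, reading, e.header())
	sig, err := ecdsa.SignASN1(rand.Reader, d.priv, e.digest())
	e.Signature = sig
	return e, err
}

var ErrBadSignature = errors.New("signature does not verify")
var ErrReplay = errors.New("sequence number not newer than last accepted")
var ErrTampered = errors.New("GCM authentication failed")

// Collector is the verifying side for one registered device.
type Collector struct {
	id   string
	key  [32]byte
	pub  *ecdsa.PublicKey
	last uint64 // highest sequence number accepted so far
}

func NewCollector(id string, key [32]byte, pub *ecdsa.PublicKey) *Collector {
	return &Collector{id: id, key: key, pub: pub}
}

// Open returns the plaintext reading or the reason the envelope was rejected.
func (c *Collector) Open(e *Envelope) ([]byte, error) {
	if e.DeviceID != c.id {
		return nil, errors.New("envelope is not from the registered device")
	}
	if !ecdsa.VerifyASN1(c.pub, e.digest(), e.Signature) { // non-repudiation
		return nil, ErrBadSignature
	}
	if e.Seq <= c.last { // a replayed or reordered envelope is never newer
		return nil, ErrReplay
	}
	plain, err := newGCM(c.key).Open(nil, e.Nonce, e.Ciphertext, e.header())
	if err != nil { // the tag covers ciphertext and header
		return nil, ErrTampered
	}
	c.last = e.Seq // advance only after every check passed
	return plain, nil
}
```

The order of checks matters: the signature is verified before anything else so that an unsigned or forged envelope never influences the replay counter, and the counter advances only after decryption succeeds. A strictly increasing sequence also rejects out-of-order delivery, which is the right default for a tamper-evident pipeline but would need a window if the transport can reorder legitimately.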
- Google Cybersecurity Professional Certificate: Completed the 8-course program covering SIEM tools, the incident response lifecycle, network traffic analysis, and security frameworks (NIST, OWASP).
- Top 40 BK Innovation (2025): Successfully formulated and pitched a conceptual security architecture applying Blockchain to IoT ecosystems.
