About

# whoami


Cyber Security Enthusiast

I am a cybersecurity enthusiast from Myanmar. I became interested in the cyber security field in 2016 and initially focused on areas such as reverse engineering, malware analysis, practical exploit development, and web application security. Now, I have been working in the information security field for more than three years and have gained experience as DevSecOps, application security, and SOC engineer..



  • Email: yethurakyaw@outlook.com
  • Experience: 3 years +
  • Degree: Bachelor
  • Freelance: Available


  • Work closely with developers to improve security on their applications before going to QA.
  • Responsible to create report on findings and act on vulnerabilities.
  • Monitor and track potential threats.
  • Responsible for reviewing open-source security tools and products to use in organization
  • Contact Person to third party security consultants
OSCP

Offensive Security

CRT

CREST

CPSA

CREST

Foundation of Purple Teaming

ATTACKIQ

Skills & Responsibilities

Web Application Penetration Testing 60%
Android Application Penetration Testing 40%
API Penetration Testing 70%
Network Penetration Testing 70%
Cyber Defense70%
Scripting 50%

Interests & Hobbies

Information Security

Reading

Listening to Music

Adventure

Cryptocurrency

Travel

Take a walk

Badminton

Resume

Check My Resume

Objectives

Profile

Security Engineer with the above three years of experience who is highly self-motivated and has a security mindset.
I am experienced as DevSecOps, Application Security and SOC Engineer.
Interested in devising a better problem-solving method for challenging tasks, and learning new technologies and tools if the need arises.
To acquire a challenging role where my abilities can be fully applied for the organization’s needs as well as the enhancement of my knowledge.

  • Yangon, Myanmar
  • 09962812866
  • yethurakyaw@outlook.com

Education

Bachelor of Computer Engineering (B.E)

2013 - 2019

University of Yatanarpon Cyber City, Maymyo

Educational background in Computer Engineering , where I learned about computer mathematics, computer architecture, embedded systems, artificial intelligence, algorithms, data structures, and programming languages such as Assembly, C++, Java,python, etc. Additionally, I gained practical skills in cybersecurity, computer networking, and web development using PHP, HTML, and JavaScript.

Penetration Testing Training

2018

Creatigon Cyber Security Training

Learned about Network Pentesting, Metasploit, exploit-db, and any other penetration testing tools and methodologies.

Certifications

Offensive Security

  • Offensive Security Certified Professional (OSCP)

CREST

  • CREST Practitioner Security Analyst(CPSA)
  • CREST Registered Penetration Tester (CRT)

ATTACKIQ

  • Foundation of Purple Teaming

Professional Experience

Senior Security Specialist

2019 Oct - Present

YOMA Bank

  • Exploring and integrating security SAST and DAST tools into CI/CD pipeline
  • Perform Penetration Testing on Web and Mobile Application
  • Conduct Security Assessment on Vendor products
  • Proactive monitoring, analyzing, investigation and mitigation threats from IDS& IPS,WAF, SIEM, EDR, EPP
  • Conduct research on identified threats, and exploits to emulate these threats
  • Rule tuning on security controls with focus on TTPs to enhance threat detection capabilities
  • Researched current and developing cyber security products to improve the organization
  • Conduct detailed remediation steps & solutions on security findings and vulnerabilities
  • Deliver detailed reports for Penetration Testing and Cyber Incident

Red Team Operator Intern

2022 Oct- 2022 Dec

Private Sector

  • Advanced Phishing Development
  • PHP Obfuscation
  • Techniques Development
  • OPSEC Implementation
  • Wireless Attacks

Security Analyst Intern

2018 Oct- 2018 Dec

mmCERT(Myanmar Computer Emergency Response Team)

  • Practical Malware Analysis
  • Practical Exploit Development
  • Reverse Engineering
  • Incident Response

Services

My Services

Web Application Penetration Testing

Experienced in various web applications, frameworks, & CMS penetration testing

Android Application Penetration Testing

Experienced in black box, grey box penetration testing

Network Penetration Testing

Experienced in external, internal penetration testing

Security Operation

Experienced more than one year on SOC and DevSecOps, (Email security, Rule tuning on Exiting security controls, Endpoint Security, Security Hardening)

Reporting

Finalizing the vulnerabilities, well documented and deliver to respective team

Portfolio

My Works

  • All
  • App
  • Card
  • Web

App 1

App

Web 3

Web

App 2

App

Card 2

Card

Web 2

Web

App 3

App

Card 1

Card

Card 3

Card

Web 3

Web