Experience

CERT, KakaoBank Gyeonggi, South Korea	May 2026 - Present -
» -

CERT, Bithumb Seoul, South Korea

Feb 2025 - Apr 2026 -

» Leveraged AI-driven CTI analysis to produce internal threat intelligence reports, and implemented SOAR integrations and custom actions to streamline response workflows. » Conducted continuous EDR event analysis to strengthen incident prevention and response, and developed SIEM detections/use-cases. » Established and operated SCA/OSS supply-chain security policies to block vulnerable or malicious components from entering the SDLC. » Planned and ran monthly phishing simulations and biannual crisis response drills (DDoS/phishing) to improve organizational readiness.

Security Service Developer, NCSOFT Gyeonggi, South Korea

May 2021 - Dec 2024 3 years, 8 months

» Developed an internal security policy lookup portal for the security center and company-wide users. » Designed and implemented a security review management system for game, web, and API service deployments. » Built a Security Appliance API Gateway to streamline secure development and standardize security controls. » Developed malicious network traffic detection modules and supported ongoing event analysis and monitoring.

DFIR Specialist, Plainbit Co., Ltd. Gyeonggi, South Korea	Aug 2019 - May 2021 1 year, 10 months
» Supported digital evidence acquisition and forensic analysis across multiple small-to-mid scale incidents, including ransomware and APT intrusions. » Built automation tools to accelerate triage and analysis workflows in time- and resource-constrained investigations.

Senior Researcher, Culture Makers Seoul, South Korea	Nov 2018 - Jul 2019 8 months
» Military Service (Skilled Industrial Personnel) » Organized information security competitions and produced infosec training/educational content. » Managed virtual lab networks using VMware vSphere and developed supporting administration/management tools.

Security Researcher, SEWorks Inc. Seoul, South Korea / CA, United States	Feb 2017 - Nov 2018 1 year, 10 months
» Military Service (Skilled Industrial Personnel) » Developed automation tools to support product operations and backend server administration. » Built analysis modules for detecting and analyzing malicious Android APKs. » Contributed to the development of a game engine obfuscation module based on LLVM Obfuscator.

Software Vulnerability Analyst, WINS Co., LTD. Gyeonggi, South Korea	Jan 2016 - Jan 2017 1 year
» Conducted vulnerability research and analyzed 1-day vulnerabilities. » Actively participated in incident response engagements as a CERT analyst, performing root-cause analysis and impact assessment.

Security Researcher, Divine Security Gyeonggi, South Korea	Jan 2015 - Jun 2015 6 months
» Developed a malicious APK analysis module for malware triage and behavioral analysis.

Security Consultant, ***** Seoul, South Korea	Mar 2013 - Aug 2013 6 months
» Performed black-box and white-box penetration testing across web and application targets. » Supported G-ISMS/ISMS compliance initiatives, including security assessments and documentation.