JOHN TAN

CISSP | CISA | CEH | ITILv3 | MCP | SFC | CSSYB | ECE

A cybersecurity expert with 14 years of overall IT Security experience who has demonstrated a technical and management skills.
He strives to continuously develop technical and leadership skills to achieve organizational goals & create mutual benefits.
Address Singapore
Phone +65 9654 2085
Email [email protected]

Work Experiences

UOB Bank Singapore

Manager, IT Security – Red Team | Penetration Testing
March 2023 – present
 Managing activities of security testing program.
 Follow up with stakeholders such as application owners and system owners to track and report vulnerability remediation progress.
 Coordinate vulnerability remediation verification and documentation.
 Coordinate re-testing for remediated vulnerabilities.
 Vendor management of security testing vendors throughout lifecycle, i.e. selection of vendors, performance evaluation, and feedback.
 Respond to enquiry from audit and regulatory pertaining security testing covered by Red Team.
 Coordinate with Subsidiaries and Overseas Branches on vulnerability status and process improvements.
 Presentation of penetration testing status to the Senior Leadership.
 Drives the RFP for Pentest and Red Teaming projects.

CIMB Bank Philippines

Head, Tech Security
November 2022 – March 2023

 Implement the information security/ technology/ cybersecurity framework of the Bank relevant to the function of Technology department.
 Oversee the execution of periodic vulnerability assessment and penetration testing activity, both internal and in coordination with third party.
 Oversee the assessment of applicability of information security threats advisories coming from various sources (e.g. BAPCID, Security
Operations Center, Threat Intelligence Organizations), determine existing mitigation controls and suggest action plans.
 Oversee the performance of periodic control effectiveness testing/ compliance testing of the Technology department on information security
controls (patch management, user access review, etc.)
 Provide on time reports to Senior Management Team including management review meets.
 Conduct IT Security Due Diligence during RFP.

DXC Technology
Manager, IT Security Vulnerability
June 2019 – November 2022

 Drives SIEM/SOC business supporting sales, presales, consulting, and partners.

 SIEM (Splunk, ArcSight) implementation and support. Prepares SIEM documents and customer presentations.
 Supports customer’s Security Incident Response, Risk Assessment and Security Awareness.
 Security Vulnerability Manager for Butterfield Bank.
 Management of Qualys or Nexpose Rapid7 Vulnerability Assessment and Advisory.

TriskeleLabs Cyber Security Australia | Techno Global Team Inc.

Lead, IT Security SOC
March 2018 – June 2019

 Provides an escalation point to the Level 1 analysts. Develops rosters schedules. Manages the team’s performance reviews and mentoring.
 Ensures proper handling and management of issues and assists with incident response efforts & conducts research on emerging threats.
 Lead the development of incident response plans, workflows, and SOPs.
 Develops customer notifications and advisories of current threats.
 Supports overall SOC analysis such as PCI ASV, Firewall review and Vulnerability Assessment.
 Reviews and develops monthly customer reporting.

Dairy Farm Inc. ROHQ

Senior IT Security Analyst
March 2016 – March 2018

 Vulnerability Assessment & Penetration Testing

 Security Operations/Incident Response
 Risk, Compliance, and Audit
 Drives security awareness program.
United Health Group (UHG)
Lead, Vulnerability Management
August 2015 – March 2016

 Responds to request tickets in HP ITG regarding infrastructure scanning that includes Linux, Unix, Windows’ servers’ vulnerability.
 Create documentations on administration process and procedures of vulnerability management.
 Conduct weekly Information security awareness training for new hires.
 Creates daily and weekly reports on scanners health checks (Tripwire IP360).
 Do a weekly discussion about emerging landscape and latest vulnerability on different platforms and applications.
 Creates a weekly security bulletin.

Safeway Philtech Inc.

Senior Information Security Analyst (SOC) | Cyber Threat Intelligence
February 2012 – August 2015

 Monitor alerts from FireEye, Splunk, and Symantec Endpoint Protection, and Symantec Vontu (DLP), MSSP Solutionary, and WAF Imperva.
 Provide support and in-depth analysis for security events/incidents in Splunk.
 Read, analyze, understand daily news and articles pertaining to latest threat and landscape in the cyber security world. Create a report and
includes impact and action of the company.
 Conduct Security Awareness Training to new employees.

Trend Micro Inc.

Security Systems Engineer
September 2009 – February 2012

 Install & maintain information & systems security solutions in a client-server environment for small medium business and enterprise. Deploy
cloud-based email filtering, data and systems security solutions.
 Analyze malware samples & logs from the whole network to include heuristic in pattern updates to improve blocking, detection and cleanup of
malware.
 Remote access client’s computer, a workstation or a server, for malware infection using WebEx or LogMeIn.

Education

Jun 2003 - Apr 2008

Rizal Technological University
BS Electronics & Communication Engineering
ECE Licensed Electronics Engineer

Trainings

Jun 2022 ISC2 CISSP

May 2022 EC-Council Certified Ethical Hacker version 11
May 2020 ArcSight Logger Admin
Apr 2020 ArcSight ESM Advanced Analyst
Sep 2019 Splunk Enterprise Security v7.3 Administration, UBA, Monitoring
Sep 2019 Microsoft Azure Sentinel SIEM (Microsoft Singapore)
Apr 2019 ITIL V3 Foundation
Nov 2018 AlienVault USM Anywhere
Sep 2017 PCI DSS v3.2
Sep 2013 CCNA Cisco 200-125: Cisco Certified Network Associate
Aug 2013 CHFI Computer Forensics and Investigations

Certificates | Licenses

Certifications ID# Year Obtained

CISA 232230700 2023
CISSP 929400 2022
CEH ECC0584236791 2022
Qualys Certified Specialist 2022
SC-200 MS Security Operations Analyst 2022
SC-400 MS Information Protection Admin 2022
Splunk Core Power User Certified 2021
Splunk Core User Certified 2021
ArcSight Logger Admin 2020
ArcSight ESM Advanced Analyst 2020
SSYB Six Sigma Yellow Belt 697389 2019
SFC Scrum Fundamentals Certified 697455 2019
ITILV3 Foundation GR750548731JT 2019
MCP/MCTS Microsoft Certified Professional 2012
ECE Licensed Electronics Engineer (Philippines) 44177 2009