Kelvin Tam
Kelvin Tam
CISSP CSSLP AWS-SAA

Contact Me to get full resume / CV

About Me

Cybersecurity Professional translated from Developer, born and grew up in Hong Kong, pursuing a career goal which can get use of my developer experience and empathy to integrate security aspects into everywhere at software development life cycle to improve organization security landscape and awareness.

  • Age . . . . . 29
  • Residence . . . . . Hong Kong
My Services
Threat Modeling

Identify and analyze threats to improve security landscape by proactively early-involvement of security activities (Shift Left)

Secure Code Review

Specialized in Static Analysis and dynamic white-box testing, and experienced on formalized review process

Full-stack web & backend development

Seasoned web and backend developer, specialized at Ruby on Rails, Java, Javascript, PHP, E-Commerce

Mobile Apps Development

Experienced on Hybrid Mobile Apps, React Native and native Apps integration

Hobbies
Guitar
Photography
Coffee Brewing
Resume
Experience
2022/01 - Present
Senior Security Analyst
Crypto.com
  • Coaching and providing guidance on source code review and threat modeling to junior security engineer and other pen-tester teammates.
  • Reviewing security testing report.
  • Perform threat modeling on new features.
2019/09 - 2021/12
Security Analyst
Crypto.com
  • Perform secure source code review/testing for the different components in Crypto.com Apps' backend system.
  • Perform white-box penetration test for APIs
  • Various of development / coding work on security feature and in-house security tools
2018/03 - 2019/08
Analyst Programmer
Cherrypicks - Location intelligence Product Team
  • Core developer of Starbeacon Product core API and CMS, providing the core backend system for the features of Alighting Reminder in MTR Mobile Apps and in-house beacon installation planning, deployment, and maintenance system
  • Implemented the crowd-sourcing microservice integrated with Azure Data Pipeline to calculate beacon health information from reported beacon signal detect among all MTR station.
  • Implemented multi-cloud platform support on AWS & Microsoft Azure
  • Conducting the performance turning for the source code
The full list will listed at full resume.
Certification
2021 - current
Certified Information Systems Security Professional
CISSP
2022 - current
Certified Secure Software Lifecycle Professional
CSSLP
2022 - current
AWS Certified Solutions Architect – Associate
AWS-SAA
Education
2012 - 2015
BEng (Hons) in Computer Engineering
City University of Hong Kong

Upper Second Class Honours with CGPA 3.25

2005 - 2012
Secondary school graduation
Hong Kong Advanced Level Examination

HKALE (Form 7) full cert.

My Skills
Technical
  • Threat Modeling
  • Secure Code Review
  • Static Analysis
  • Vulnerability Management
  • Secure SDLC
  • Cloud Security
  • DevSecOps
  • CI/CD security assessment
  • Incident Response from AppSec perspective
  • SumoLogic
  • Change Management Planning
  • Full stack development
  • Payment Gateway Integration
Tech Stack
  • Ruby on Rails
  • Java
  • Spring /Spring Core
  • Hibernate
  • JavaScript
  • React
  • React Native
  • Mobx
  • Typescript
  • Angular
  • Vue
  • Docker
  • Kubernetes
Get in Touch