My working experinces based on Company

OGX Network Sdn Bhd (Contract: Feb 2024 - Feb 2025)

Industry: CyberSec Distributor
Title: Associate Director of Solutioning & Services
Scope: Management/Technical, Malaysia

Responsibilities / Duties:

Provided strategic oversight for solution architecture, delivery governance, and post-sales services, reporting to IT Security Director.
Defined and standardized business flows for solutioning, onboarding, and technical support.
Client included Malaysian government agencies, Finance Service Institute and Large Utilities.
Oversaw professional service engagements (SIEM, endpoint, network security), optimizing resource use and profitability.
Collaborated with vendor partners (Tenable, Forcepoint, Sangfor) on GTM approaches for public sector markets.
Planned company Security and IT blueprint.

Skills:

Strategic Solution Architecture (Multi-Vendor Cybersecurity Solutions)
Cybersecurity Consulting & Compliance
Enablement Service Model Design & Business Flow Definition (Professional Services, Support)
Delivery Governance & Operational Efficiency Management Vendor & Partner Collaboration Strategy Executive-Level Communication & Engagement
Data Loss Prevention (DLP) & DSPM Design/Deployment
System Hardening & Audit Expertise (CIS Benchmarks, DISA STIGs, NIST Guidelines, Microsoft SCT)
Operation Technology (OT) Security Concepts and Vulnerability Discovery
Costing, Profitability Analysis, and Price Definition

Key Achievements:

Designed and operationalized a unified service framework improving public sector project delivery speed and profitability.
Streamlined technical escalation and service workflows, improving client satisfaction.
Created ‘Center of Excellence’ for multi-vendor integration (Tenable, Forcepoint, Sangfor) & simulated SOC/NOC environments using open-source tools.
Trained new graduate staff who subsequently won regional Tenable award.
Obtained technical certifications in Forcepoint DLP/DSPM and full Tenable product suite (Sales, Tech Sales, Engineer - On-prem/Cloud deployment capable).

Cybersecurity Skills:

Data Loss Prevention (DLP) & DSPM (Forcepoint)
System Hardening & Audit (CIS Benchmarks, DISA STIGs, NIST Guidelines)
Vulnerability Management (Tenable) Operation Technology (OT)
Security SIEM / SOC Concepts (NG-SIEM, Syslog)
Endpoint Security (EDR or XDR)
Network Detection and Respond (NDR)

Barracuda Networks (Sep 2021 - Oct 2023)

Industry: CyberSec Vendor
Title: Senior Presales Engineer
Scope: Technical Sales, Southeast Asia

Responsibilities / Duties:

Served as regional presales technical authority (ASEAN+KR) across Barracuda’s cybersecurity pillars: Email Protection, Network Security (SASE, ZTNA, NGFW), Data Protection (Backup), Application Security (WAF). Email Protection inclusive on-prem ESG, SaaS based, ATP, Email Awareness training. Web Application Protection with On-prem WAF, Cloud WAF, with API Security, ATP based on requirement and ability to support multi-cloud strategy. Network Security with Barracuda’s Next Generation Firewall, ZTNA proxy, SASE, SD-WAN, Web Filteration All-in-one. Backup inclusive on-prem server appliance, or Cloud-to-Cloud Backup for M365. Delivered technical workshops and strategic threat briefings to CIO/CISO/SOC stakeholders across ASEAN. Provided technical sales support (PoC, demos, proposals, BOMs) and regional technical enablement for partners.

Skills:

Regional Presales Technical Authority (South-East Asia) Email Security Expertise (Email routing, SEG, ATP, Anti-Phishing/Impersonation, DMARC/DKIM/SPF, Basic DLP) Network Security Concepts, configuration and policy (NGFW, SASE, ZTNA, Web Filtering) Application Security (WAF) Data Protection Strategies (Cloud-to-Cloud Backup, On-Prem Servers Backup) Cybersecurity Framework Application (MITRE ATT&CK, Zero Trust, OWASP) Regional Partner Enablement Program Development & Delivery

Key Achievements:

Developed & launched successful APAC-SEA partner technical enablement program (“Email Tuesday”), reducing product enquiries by >60%. Technically enabled >50 partners across Asia and served as instructor for Cuda Academy. Successfully supported complex Cloud-to-Cloud Backup & Incident Response deployments in high-compliance sectors (Finance). Improved win rates by integrating business-aligned risk narratives into technical sales cycles. Obtained CISSP certification.

Cybersecurity Skills:

Email Security (SEG, ATP Sandboxing, Anti-phishing, ) Network Security (NGFW, SASE, ZTNA) Application Security (WAF) Data Protection (Cloud/On-Prem Backup, Incident Response) Cloud Security (Microsoft 365, Azure, AWS) Frameworks: MITRE ATT&CK, Zero Trust, OWASP CISSP

Ensign InfoSecurity (Aug 2019 - Sep 2021)

Industry: CyberSec System Integrator / SOC
Title: Systems Integration Director
Scope: Management, Malaysia

Responsibilities / Duties:

Spearheaded creation and expansion of 4 operational divisions (14 personnel): Project Management Office, Pre-Sales Solutioning/Architecture, Network Security Engineering, Network Security Support. Built Systems Integration (SI) business line from ground up (service offerings, playbooks, delivery models, KPIs, P&L accountability). Oversaw end-to-end delivery of strategic cybersecurity programs (Govt, Critical Infrastructure, Private Sector) using vendors like FireEye (Trellix), Imperva, Menlo, illumio, Tenable, Gigamon, Darktrace, Netskope. Standardized project governance, risk reporting, and client escalation procedures. Managed resource allocation, hiring, coaching, and performance.

Skills:

Business Line Creation & Scaling (Systems Integration) Organizational Structuring & Resource Allocation (Hiring, Coaching) Program/Portfolio Management (Cybersecurity Projects) Revenue & Margin Accountability (P&L Management) Service Definition & Delivery Management (SLA Definition) Technical Stakeholder Engagement (Govt, GLC, Critical Infrastructure, Private Sector) Vendor Management & Partnership Cybersecurity Domain Knowledge (Details in Cybersecurity Skills) Framework & Compliance Knowledge (Details in Cybersecurity Skills)

Key Achievements:

Successfully launched and scaled Systems Integration business in Malaysia, contributing multi-million MYR annual revenue growth. Built full-stack delivery team (PMs, Engineers, Service Owners with customer success manager), reducing 3rd party delivery dependency by >70%. Improved project profit margins by >150% via process refinement and resource optimization. Introduced profitable in-house Advanced Hardware Replacement program (FireEye) with ROI in 7 months. Successfully led multi-million MYR cybersecurity deployments (FireEye, Darktrace, Tenable, Imperva, Netskope) for major FSI, Telco, GLC, Insurance, Gaming clients.

Cybersecurity Skills:

Endpoint Security (FireEye, Cybereason, CrowdStrike) Network Visibility Delivery Platform (Gigamon, Netscout) Network Detection & Response (Darktrace) Vulnerability Management (Tenable) Advanced Threat Protection (ATP - FireEye) Micro-segmentation (illumio) Web Application Firewall (WAF) / Database Activity Monitoring (DAM) (Imperva) Secure Web Gateway (SWG) / SSL Inspection / RBI (Netskope) Frameworks: MITRE ATT&CK, PCI DSS, ZTA, OWASP Compliance: Malaysia PDPA (Act 709), BNM RMiT Policy

Extreme Broadband Sdn Bhd (Aug 2018 - Aug 2019)

Industry: Lease Line Provider
Title: Head of System and Security
Scope: Management, Malaysia

Responsibilities / Duties:

Led 5 cross-functional technical divisions (24 personnel): NOC, Data Center Network, System Security & Solutioning, Project Management, NOC L2. Defined and implemented IT security governance aligned with ISO/IEC 27001 standards (internal audits, risk assessment, incident management). Directed national infrastructure planning: IP transit, BGP policy/security (filtering, RPKI readiness), peering, data center/cloud security, business continuity. Oversaw CAPEX/OPEX management for NOC, peering, and leased lines. Provided technical leadership, mentorship, and security awareness training across teams.

Skills:

IT Security Governance & Policy (ISO/IEC 27001 Alignment) Risk Assessment & Management Internet Routing Security (BGP Filtering, Peering Policy, RPKI Readiness) Data Center Management Vendor Management & Negotiation Cross-Functional Team Leadership & Mentorship Business Process Definition

Key Achievements:

Successfully deployed JBIX (Johor Bahru Internet Exchange), enhancing regional network performance. Initiated and led ISMS ISO 27001 internal audit readiness program, aligning security posture with global standards. Improved infrastructure resiliency via automated patching, asset inventory, and stricter access controls.

Cybersecurity Skills:

ISO/IEC 27001 Governance & Audit Incident Response Planning Risk Assessment & Management BGP Routing Security (Filtering, RPKI)

Convergence Network / Innovix (Feb 2017 - Aug 2018)

Industry: System / CyberSec Distributor
Title: Presales Engineer
Scope: Technical Sales, Malaysia

Responsibilities / Duties:

Provided technical leadership throughout sales cycle for cybersecurity solutions (vArmour, Infoblox, SUSE Linux). Conducted solution presentations, customized demos using virtualized testbeds, and technical deep dives. Created technical proposals, architecture diagrams, and integration guides tailored to client needs. Executed PoC/Proof-of-Value (POV) deployments and provided technical support to partners.

Skills:

Advanced Technical Proposal Development & Competitive Analysis Cybersecurity Product Expertise (Micro-segmentation/vArmour, DDI/Infoblox DNS Security) Proof-of-Concept (PoC/POV) Execution & Success Criteria Definition Virtualization for Demo/PoC Environments (VMware vCenter) Partner Enablement & Technical Support Technical-to-Business Translation

Key Achievements:

Convince Management to invest on VMWare Suite (Vcenter + 3 Vsphere licenses), new server hardware for POC or lab. Reduced Proof of Concept setup time from months to weeks via virtual appliance deployment (VMware). Successfully executed multiple PoCs for Tier 1 enterprise clients. Developed internal technical knowledge base improving team onboarding and solution fluency. Demonstrated ability to translate complex technical terms into business use cases. vArmour POV able to capture the vulnerability scanner in-action.

Cybersecurity Skills:

Network Micro-segmentation Concepts (vArmour) Software honeypot with (vArmour) DNS Security (Infoblox)

Exclusive Network Sdn Bhd (Sep 2016 - Feb 2017)

Industry: System / CyberSec Distributor
Title: Presales Engineer
Scope: Technical Sales, Malaysia

Responsibilities / Duties:

Provided presales and post-sales technical consultation for cybersecurity portfolio including Gigamon (Visibility), Infoblox (DDI/DNS Security), Wireless Backhaul (Mimosa) Translated business/security requirements into technical solution designs for enterprise, telco client. Conducted solution workshops, Proof-of-Concept (PoC) deployments, and technical deep-dives. Authored technical proposals, documentation, and Bill of Materials (BoMs).

Skills:

Presales Technical Consultation (Gigamon, Infoblox, Mimosa) Technical Proposal Writing & Presentation Proof-of-Concept (PoC) Planning & Execution Implementation of Infoblox and Mimosa Requirements Gathering & Stakeholder Alignment

Key Achievements:

Developed standardized technical proposal framework, reducing turnaround time. Successfully led technical enablement for key accounts involving complex multi-vendor integrations. Raised Proof of Concept success rate to 98% by implementing pre-defined success criteria. Migrate DHCP/DNS from Microsoft AD to Infoblox DDI for one of the bank.

Cybersecurity Skills:

Network Visibility (Gigamon) DNS/DDI Security (Infoblox)

TIME dotCom Bhd (May 2013 - Sep 2016)

Industry: Fixed Broadband Telco
Title: Senior Engineer
Scope: Core Network / Service Engineer, Malaysia

Responsibilities / Duties:

Engineered, planned, deployed, managed and secured core broadband infrastructure services (DNS, DHCP, AAA RADIUS/TACACS+, OpenLDAP, MySQL, BRAS) using primarily open-source platforms (FreeBSD, CentOS, Ubuntu) serving millions of users. Implemented and maintained hardened configurations for OS (SELinux) and applications (native OS firewall port, hide Application signature) to reduce vendor reliance and strengthen security posture. Developed access control policies, AAA integration, and service entitlement enforcement. Established baseline logging, monitoring (Cacti, SNMP), event correlation, and alerting for core systems to enable early threat detection. Provided Level 4 operational support (24x7 standby) for core services and applications.

Skills:

Secure Service Architecture (Broadband Core) Open-Source Platform Deployment & Hardening (FreeBSD, CentOS, Ubuntu, OpenBSD) AAA Implementation & Security (OpenRADIUS, TACACS+, OpenLDAP) DDI Security & Management (ISC BIND DNS hardening, ISC DHCP HA) Database Administration (MySQL) Network Security (DNS Attack Mitigation via Opensource ACLs/Inteligence, PAM for all core network devices and servers) Monitoring & Logging (Cacti, SNMP, Syslog, NetFlow, Custom Templates) System/Application Change Management & Basic Bash Scripting API Integration (REST API) Juniper Operating System (Junos)

Key Achievements:

Designed & deployed Malaysia’s first 500Mbps (2016) and 100Mbps (2013) FTTH/O broadband profiles using hardened open-source systems. Deployed Anycast architecture for Speedtest servers, improving availability to 99.95% and capacity by >500%. Deployed HA designs for critical services: AAA (OpenRadius/OpenBSD - 99.97% availability), DHCP (ISC DHCP/CentOS for IPTV - 99.99% availability), Anycast (using Quagga in FreeBSD) DNS (Authoratative/Caching) clusters across 3 Data Centers. Deployed Privilege Access Manager (PAM) with MFA, reducing unauthorized changes by 99%. Mitigated DNS attacks effectively without commercial impact (zero incidents post-implementation) using open-source threat intel and ACLs. Developed comprehensive monitoring templates (zero cost) from opensource network monitoring system Cacti, improving visibility to 100% and reducing RCA time from days to minutes.

Cybersecurity Skills:

OS Hardening (FreeBSD, CentOS, OpenBSD) Secure Service Design (AAA, DNS, DHCP) Privilege Access Management (PAM) Deployment & MFA Network Security (BGP Validation, DNS Attack Mitigation, ACLs) Application Security (MySQL basics) Threat Intelligence Application

Packet One Network Sdn Bhd (Sep 2009 - Apr 2013)

Industry: Wireless Telco
Title: WiMAX Core Engineer
Scope: Telco and Network Core Engineer, Malaysia

Responsibilities / Duties:

Wimax, packet-switch. Pre-4G technology. Oversaw core network dimensioning and utilization projection for 3 years, defined system health checks/alerts for Network Operation Center (NOC), and managed Level 2 operational support and change requests Engineered, implemented, and maintained national WiMAX core infrastructure (ASN GW, AAA RADIUS, DNS, DHCP, Home Agent, CGNAT, Cisco SCE/PCEF, PCRF). Led design and implementation of subscriber management infrastructure, dynamic service provisioning, access control, and policy enforcement. Developed hardened authentication mechanisms integrating with OSS/BSS systems. Performed network analysis (user behavior, FUP) and traffic management policy definition to optimize bandwidth usage and offload base station congestion by controlling bandwidth hungry protocol such as P2P, Video Streaming etc during peak hour. Conducted system evaluation, integration (e.g., ASN GW with SBC for VoIP), IOT/PoC testing, and project management for Core network expansion and technology selection (LTE/WiMAX).

Skills:

Network Architecture & Design (WiMAX Core) Advanced IP Networking (BGP, OSPF, Layer 2/3 Routing, QoS) AAA Architecture & Implementation (Acatel-Lucent OpenRadius) DDI Implementation & Management (DNS BIND, ISC DHCP, IPAM with Excel) Network Security Concepts (Harderning, replace Telnet clear text with SSH) Internet Traffic Management (Layer 7, Applications control) & Policy Enforcement (Cisco SCE8000) Inter-operative troubelshooting with Network Packet Analysis (Wireshark), according to RFP Documentation. Vendor Evaluation, RFP Response, IOT/PoC Testing Project Management

Key Achievements:

Improved core network service availability from 97.5% to 99.99% through architectural redesign and optimization. Architected and deployed resilient core network supporting >250k subscribers, achieving 99.5% SLA compliance. Eliminated nationwide MAC address conflicts by migrating edge network from Layer 2 to Layer 3. Led end-to-end QoS deployment with mapping, improving VoIP quality (SiP phone). Deployed 2nd vendor WiMAX core and managed IP layer migration, increasing availability.

Cybersecurity Skills:

Core Platform Hardening (Linux/BSD) AAA Security Architecture Network Security Concepts (Encrption) Application Management (Network Traffic Control with Cisco SCE8000)

Tele Dynamic Sdn Bhd (May 2005 - Sep 2009)

Industry: Digital Printing
Title: Service Engineer
Scope: Service Engineer, Selangor

Responsibilities / Duties:

Delivered on-site technical support, system diagnostics, and preventative maintenance for enterprise digital printing systems integrated within LAN environments. Developed and delivered the company’s first in-house technical training program for new products and junior engineers. Supported field escalations for multi-function colour printers (Toshiba). Collaborated with vendor/customer IT on hardware compatibility, driver conflicts, colour matching/tuning (CMYK) and network communication failures.

Skills:

Technical Troubleshooting (Network, Digital Printing), fault isolation concept. Technical Training Program Development & Delivery Customer Communication Foundational IT Infrastructure (TCP/IP, DHCP/DNS) Directory Service Integration (LDAP/AD) Self-Learning & Technical Research

Key Achievements:

Appointed as organization’s first dedicated internal technical trainer, improving team knowledge and reducing escalations. Company’s first tecnical training program for both new joint and new product / technology training.

Cybersecurity Skills:

N/A (Focus on foundational IT)