keeplook4ever
Security Engineer
9+ years of experience in data and application security across major internet companies. Specialized in sensitive data discovery (structured/unstructured), DLP strategy, test data masking, and access governance. Hands-on experience with MySQL, Hive, ClickHouse, Redis, Elasticsearch security hardening and classification. Delivered privacy compliance (GDPR, DSL) through internal platform building, API/data flow risk assessment, and control enforcement.
Experience: 9 years
Yearly salary: $180,000
Hourly rate: $75
Nationality: πΈπ¬ Singapore
Residency: πΈπ¬ Singapore
Experience
Security Engineer
Shein 2023 - 2024
DLP Scanning & Test Data Management - Developed Golang-based data scanning tool to identify 6+ sensitive types (PII, API Keys, passwords) via API/file scanning. Purged or encrypted 100+ exposed MySQL tables in test environments in collaboration with DBA and business teams. Designed production-to-test data sync pipelines with masking rules, Wiki metadata, Kafka integration for change tracking. Anomaly Detection & Compliance Reporting - Built FlinkCEP-based anomaly monitoring (DB ops, off-hour access), integrated with audit dashboards and alerts. Reduced false positives by 35% through behavior baselining and ML-assisted pattern refinement.
Security Engineer
Trip 2021 - 2023
Sensitive Data Discovery & Protection Platform (MingJian) - SQLServer.d-to-end platform for sensitive data discovery and protection across MySQL, Hive, ClickHouse, Elasticsearch, Achieved 84%+ accuracy in L3/L4 classification using hybrid regex + expert-rule engines. Implemented full data control lifecycle: classification β encryption β masking β audit logging. Aligned data asset governance with GDPR and China DSL, enabling group-level compliance coverage. IAM & Access Governance - Designed permission analysis framework to identify dormant and high-risk accounts, reducing privilege misuse by 30%+. Enabled automated access review and approval flows, integrating with compliance audit procedures.
Security Development
SAIC 2019 - 2021
Zero Trust & IAM Technology Research - Evaluated Zero Trust solutions from Zhongtong, QiAnXin, Sangfor, Tencent, ByteDance, and IAM architectures from Huawei, AWS, integrating insights to design a corporate Zero Trust IAM model. Combined research with hands-on implementation via GeekTime IAM project to validate architecture feasibility. Data Security Platform Development - Built a Django-based platform supporting multi-source data queries (MySQL, Hive, HBase, PostgreSQL, MongoDB, Redis, Presto, OpenTSDB, ClickHouse) with data masking, RBAC, workflow approvals, and audit logging. Optimized data encryption and dynamic masking rules for sensitive fields (e.g., PII).
Security Engineer
Ping An One Wallet 2016 - 2019
Security Anti-Fraud System Development - Designed and implemented a real-time anti-fraud system using Nginx-Lua for traffic mirroring and request interception, including a self-developed Lua-based blocking module and token revocation system. Led the 920 Anti-Fraud Project, covering vendor evaluation (Qianxin, Topsec, Knownsec, Ruishu), deployment, testing, and strategy optimization. Enhanced fraud prevention with device fingerprinting, CAPTCHA, and behavioral analysis, reducing potential losses by Β₯800K+ during promotional events.
Skills
python
security
english
chinese-mandarin