Phú Hoàng Kim
@phhongkim
I am a Security Engineer specializing in red teaming, DevSecOps, and custom security tooling.
What I'm looking for
I am a dedicated Security Engineer with 3+ years of progressive experience across penetration testing, red team operations, malware research, and DevSecOps practices.
I currently lead security initiatives at HD Saison, conducting assessments across 25+ systems including AWS and on-premise infrastructure, and I architected a real-time Phishing Domain Monitor using Docker Compose and Django.
My background includes building an Attack Surface Management platform, advanced penetration testing, custom security tooling, and automating CI/CD security stages with Jenkins, SonarQube, and Trivy—reducing manual review time by 70%.
I prioritize practical tool development, knowledge transfer through training, and regulatory compliance, and I seek to drive measurable security improvements while advancing offensive-security research.
Experience
Work history, roles, and key accomplishments
Security Team Leader
HD Saison
Mar 2025 - Present (7 months)
Led security initiatives conducting secure code reviews, vulnerability assessments, and penetration testing across 25+ systems (cloud and on-prem). Architected a real-time Phishing Domain Monitor and integrated automated Jenkins CI/CD security stages, reducing manual security review time by 70% and ensuring SBV compliance.
RedTeam Specialist
Esecure Solution Limited Company
Mar 2024 - Mar 2025 (1 year)
Executed advanced penetration testing campaigns against web, mobile, and network targets, identifying critical vulnerabilities and delivering remediation guidance. Researched malware development and evasion techniques and delivered RedTeam training to internal and partner teams.
R&D Specialist
Esecure Solution Limited Company
Jul 2023 - Mar 2024 (8 months)
Architected and developed an Attack Surface Management platform with automated subdomain discovery, endpoint fuzzing, and web vulnerability scanning. Built large-scale data engineering pipelines, implemented Docker-based deployments, and researched AI-driven automated penetration testing techniques.
Penetration Tester
ETC Technology System JSC
Mar 2022 - Jun 2023 (1 year 3 months)
Performed comprehensive web and mobile application penetration tests and network integrity assessments while developing Python automation tools to improve scanning efficiency. Integrated Burp Suite with SIEM ingestion, collaborated with SOC teams, and configured enterprise firewalls (Sophos, FortiGate).
Education
Degrees, certifications, and relevant coursework
FPT University
Bachelor of Information Assurance, Information Assurance
Grade: 3.34/4
Activities and societies: 50% merit-based scholarship; Top 5 Most Excellent Student in Information Technology (2022); Top 10 FPT Secathon (2022); Top 10 FPT Software Hacking CTF (2022)
Completed a Bachelor of Information Assurance at FPT University (graduated 2024) with a 3.34/4 GPA and received a 50% merit-based scholarship; recognized among the Top 5 students in Information Technology and placed in Top 10 in multiple security competitions.
Tech stack
Software and tools used professionally
Availability
Location
Authorized to work in
Job categories
Skills
Interested in hiring Phú?
You can contact Phú and 90k+ other talented remote workers on Himalayas.
Message PhúFind your dream job
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
