Himalayas logo
PK
Open to opportunities

Phú Hoàng Kim

@phhongkim

I am a Security Engineer specializing in red teaming, DevSecOps, and custom security tooling.

Vietnam
Message

What I'm looking for

I seek hands-on roles focused on red teaming, security tool development, and DevSecOps automation within security-first teams that value impact, mentorship, and growth.

I am a dedicated Security Engineer with 3+ years of progressive experience across penetration testing, red team operations, malware research, and DevSecOps practices.

I currently lead security initiatives at HD Saison, conducting assessments across 25+ systems including AWS and on-premise infrastructure, and I architected a real-time Phishing Domain Monitor using Docker Compose and Django.

My background includes building an Attack Surface Management platform, advanced penetration testing, custom security tooling, and automating CI/CD security stages with Jenkins, SonarQube, and Trivy—reducing manual review time by 70%.

I prioritize practical tool development, knowledge transfer through training, and regulatory compliance, and I seek to drive measurable security improvements while advancing offensive-security research.

Experience

Work history, roles, and key accomplishments

HS
Current

Security Team Leader

HD Saison

Mar 2025 - Present (7 months)

Led security initiatives conducting secure code reviews, vulnerability assessments, and penetration testing across 25+ systems (cloud and on-prem). Architected a real-time Phishing Domain Monitor and integrated automated Jenkins CI/CD security stages, reducing manual security review time by 70% and ensuring SBV compliance.

EC

RedTeam Specialist

Esecure Solution Limited Company

Mar 2024 - Mar 2025 (1 year)

Executed advanced penetration testing campaigns against web, mobile, and network targets, identifying critical vulnerabilities and delivering remediation guidance. Researched malware development and evasion techniques and delivered RedTeam training to internal and partner teams.

EC

R&D Specialist

Esecure Solution Limited Company

Jul 2023 - Mar 2024 (8 months)

Architected and developed an Attack Surface Management platform with automated subdomain discovery, endpoint fuzzing, and web vulnerability scanning. Built large-scale data engineering pipelines, implemented Docker-based deployments, and researched AI-driven automated penetration testing techniques.

EJ

Penetration Tester

ETC Technology System JSC

Mar 2022 - Jun 2023 (1 year 3 months)

Performed comprehensive web and mobile application penetration tests and network integrity assessments while developing Python automation tools to improve scanning efficiency. Integrated Burp Suite with SIEM ingestion, collaborated with SOC teams, and configured enterprise firewalls (Sophos, FortiGate).

Education

Degrees, certifications, and relevant coursework

FPT University logoFU

FPT University

Bachelor of Information Assurance, Information Assurance

Grade: 3.34/4

Activities and societies: 50% merit-based scholarship; Top 5 Most Excellent Student in Information Technology (2022); Top 10 FPT Secathon (2022); Top 10 FPT Software Hacking CTF (2022)

Completed a Bachelor of Information Assurance at FPT University (graduated 2024) with a 3.34/4 GPA and received a 50% merit-based scholarship; recognized among the Top 5 students in Information Technology and placed in Top 10 in multiple security competitions.

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Phú Hoàng Kim - Security Team Leader - HD Saison | Himalayas