Skip to main content
Currently hunting adversaries @ ExpressVPN
Security Engineer · Threat Hunter · DFIR

Aung Myint Myat

I build the tools and systems that are the backbone of security operations.

I spend most of my time building security tooling, writing detections, and hunting things that don't want to be found. I like making stuff that is actually useful when you are dealing with real threats, mostly around detection engineering, DFIR, and automation across AWS, GCP, and Azure.

CISSP
GIAC GEIR
AWS Certified Security Specialty
eCTHPv2
aungmm@soc:~$ whoami
Aung Myint Myat
Based in Singapore

What I do

~/security-engineering

Security Engineering

Building the tools and systems that everything else runs on: detection pipelines, response tooling, and the platforms that power the whole security operation.

~/threat-hunting

Threat Hunting

Proactive hunts across global infrastructure to surface sophisticated adversaries that evade automated detection.

~/dfir

Incident Response & DFIR

Investigation, containment, eradication, and digital forensics when a breach is unfolding.

~/automation

Security Automation

Turning repetitive defense work into reliable, automated pipelines, from vuln management to detection deployment.

Experience

ExpressVPN
2 yrs 6 mos

Senior Threat Hunter / Analyst

Jan 2026 to Present
  • Lead threat hunting operations across global infrastructure
  • Build and deploy detection systems that catch sophisticated adversaries
  • Automate detection-logic deployment and vulnerability management
  • Run security architecture reviews for engineering teams
Threat HuntingSIEMDetection EngineeringSecurity ArchitectureVulnerability ManagementAutomation

Threat Hunter / Analyst II

Feb 2024 to Dec 2025
  • Ran proactive threat hunts across global infrastructure
  • Built detection content and tuned SIEM alerting to catch evasive adversaries
  • Automated detection-logic deployment and vulnerability management workflows
Threat HuntingSIEMDetection EngineeringVulnerability ManagementAutomation
Sysnet System & Solutions
1 yr 5 mos

Cyber Security Officer

Oct 2022 to Feb 2024
  • Deployed SIEM, vulnerability scanners, and endpoint protection for full threat visibility
  • Ran security assessments and compliance audits for regulated clients
  • Worked directly with clients to solve complex security challenges
SIEMVulnerability ManagementSecurity AuditsProject ManagementNetwork Hardening
Kernellix Co. Ltd
3 yrs 4 mos

Cyber Security Engineer

Jan 2021 to Sep 2022
  • Designed secure cloud infrastructure across AWS, GCP, and Azure
  • Ran digital forensics and incident response during active breaches
  • Automated CI/CD deployment pipelines orchestrated on Kubernetes
Cloud SecurityDFIRKubernetesCI/CDIaCAWSAzureGCP

Associate Cyber Security Engineer

Jun 2019 to Dec 2020
  • Built Security Operations Center platforms from the ground up
  • Deployed and tuned open-source security monitoring stacks
  • Supported incident response and forensic investigations
SOC DevelopmentSIEMIncident ResponseLinuxAWS

Certifications

Dec 2025

GIAC Enterprise Incident Responder (GEIR)

SANS Institute
May 2022

Certified Information Systems Security Professional (CISSP)

(ISC)²
May 2025

Certified Threat Hunting Professional (eCTHPv2)

INE
Apr 2023

HashiCorp Certified: Terraform Associate

HashiCorp
Mar 2023

Foundation Level Threat Intelligence Analyst

arcX
Dec 2021

AWS Certified Security Specialty

AWS
Sep 2019

AWS Certified Solutions Architect Associate

AWS
Sep 2021

FireEye Helix Cloud Security (FSE)

FireEye
Say hi

Want to talk shop?

Always happy to nerd out about security engineering, detections, threat hunting, or a good incident response war story. My inbox is open.