Jacky Xia
** **** ******* ****, ******** Hill, ON, Canada L4B 4S7
Phone: 905-***-**** Cell: 416-***-**** Email: ac7tw9@r.postjobfree.com
Objective: Information Security Consultant
Highlights of Qualifications:
Over 12 years information security consultant experience with focus in the application security and vulnerability research
Specialize in Intel based reverse engine skill in both Windows and Linux platforms
Strong experience in the application penetration testing includes the source code audit
Master big data and machine learning on virtualized env
Comprehensive knowledge of information security, data structures and software architecture
Enthusiastic team player with strong motivation to succeed
Computer Skills
Programming Languages:
C (Over 15 years), X86 assemble (5 years), Perl (Over 5 years), Python (Over 5 years), Bash shell (Over 8 years)
Software Platforms:
Linux (Over 15 years), Windows (Over 10 years), Ecos (Over 2 years), Vxworks (1 year)
Hardware Platforms:
I386 developing Env (8 years), MIPS developing Env (2 years), ARM developing Env (1year)
Project Software:
Office Suit (Over 5 years), Project (Over 2 years), Vision (Over 2 years), Bugzilla (Over 5 years), GIT/CVS/SVN (Over 10 years), UML (Over 1 year)
Protocol Sets:
Samba (Over 5 years), Kerberos(over 3 years), HTTP(over 10 year), TCP/IP (Over 10 years), SSH (6 years), SSL(8 years).
Programming Methods
OOA, OOP, processing programming, ICP (both system and application level)
Testing Methods
Unit testing, System testing, black box testing, white box testing, and auto-testing script
Work Experience
Direct Security
Shenzhen Wanganxin Tech Inc, China 03/2015-Present
Created and deployed of web application security defence infrastructure, includes anti-DDos, WAF, Security Monitor, pentation testing, devops development, log review using private cloud infrastructure.
Patented using big data and machine learning to security network.
Implemented the security development lifecycle on web application development on both internal and external projects.
Security Consultant
Telus Security Solutions, Toronto 09/2005-03/2015
Participated as a core security consultant, used packet analysis, reverse engine, protocol analysis and source code analysis skill to create the vulnerability research report which describes the mechanisms and properties of software vulnerabilities in depth.
Developed intrusion detection signatures and remote vulnerability detection for these vulnerabilities in a timely fashion
Experienced in the successful full-lifecycle execution of various secure software development projects aimed at improving the performance and capabilities of major IDS and IPS products from industry-leading costumers
Performed security assessments of enterprise-level software from major players in the software and financial industry, includes penetration testing, source code security reviews, security policy review, as well as general security and privacy advisory service
Provided networking infrastructure security evaluation, threat and risk assessments, security architecture and design reviews, regulatory compliance audits for a major client in the retail sector
Senior Linux Software Engineer
Raidtec Inc. China office, China 03/2003- 09/2004
Provide key technical leadership and expertise in the full-lifecycle execution of Network Attached Storage (NAS) core embedded OS development, system architecture, prototype design to the industry-leading costumers
Customized the Linux kernel with XFS, JFS filesystem support and re-designed partition structure to support large file capability
Coached junior members on internal processes and research
Senior Linux software engineer
BluePoint Software Inc., China 07/2002–03/2003
Developed a embedded Voice Over IP production using Linux, ARM system board, GUN tools chain
Interacted with the project’s technical lead, and senior client representatives to design and develop of new system features.
Designed the testing case, testing plan and QA process to improve the quality of the production
Education
Bachelor of Computer Software, Wuhan University, China 2000
Certifications: CISSP Since 2010