*

SHAOBIN WANG

Address: Sammamish WA *****, Cell: 425-***-****, email: ad3ec8@r.postjobfree.com

SUMMARY

• 8+ years’ experience in identifying security vulnerabilities, software development lifecycle, large- scale computing, modeling, cyber security, and anomaly detection. Lead a team of engineers building automation and tooling to streamline and scale detection of vulnerabilities, defining effective security controls, design security mitigations, partnering with engineering teams in implementing security controls, and defining security best practices.

• 16+ years practical experience of data security, information security and cloud security. Data driven, customer focused, self-motivated, and organized. WORK EXPERIENCE

Security Director, AWS, Amazon 2015 - 2023

• Drive Security by Design based on Zero Trust Model and NIST-CSF. Security design reviews, code reviews, and penetration testing on key features. Build solutions in in-transit encryption, authentication / authorization, end to end integrity of customer data, service hardening, vulnerability management / patching, incident response capabilities.

• Drive Security by Default with defense-in-depth to secure infrastructure and customer data. Building automation and tooling to streamline and scale detection of vulnerabilities, defining effective security controls, design security mitigations, partnering with engineering teams in implementing security controls, and defining security best practices.

• Drive Security in Deployment. Lead service SDLC accordance with accepted industry, professional, and government standards. Perform service security assessment of existing systems and code and drive remediations, to ensure security design integrity, availability, confidentiality, and regulatory compliance.

• Manage a team of security engineers through mentorship and coaching. Develop a team culture of engineering excellence, collaboration, and inclusion. Create clarity, energy, and cohesion across the team. Prioritize work based on business needs and clearly communicate plans.

• Collaborate with teams of security experts to understand their requirements, improve existing processes and tools and build tools to streamline or automate common tasks.

• Provide security training and consultant. Guidance for service teams on what controls to build when developing new services and how. Comply with GEAR (Global Engineering and Architecture Review Core), FedRAMP, HIPAA, PCI, SOC 1/2/3, ISO27001/270017/270018, NIST-CSF, GDPR, MLPS, etc.

• Research on cloud security best practices. Released two patents, one cloud computing security practices professional book.

• AWS MVP award, AWS (2017 SKO).

• AWS certified specker on cyber security, 20+ keynotes speech on public conference.

• Cyber Security group Co-Chair in the United States Information Technology Office (USITO). Principal Security Technical Program Manager, Intel. 2011 - 2015

• Responsible for formulating overall objectives and security strategy for security program. Manage project execution (cost/schedule/performance) of a portfolio of internally and externally funded cybersecurity research projects based on Intel TXT and TPM2.0 technology to drive complex strategic, security initiatives to delivery.

• Work on Intel SGX, TXT and TPM2.0 solutions with ecosystem partners in systems, engineering, systems integration.

• Manage a team of Product Managers and deliver a differentiated platform with well-defined Objectives & Key Results.

2

• Collect, analyze, and synthesize insights from platform telemetry and customer feedback to drive decisions and identify new opportunities for impact.

• Co-Chair of GCRF group in TCG.

• Cyber Security group Co-Chair in the United States Information Technology Office (USITO).

• Publicity Chairs of 10th International Conference on Security and Privacy in Communication Networks, 2014

• Award: Intel, 2014 For Supporting Nations in Getting Approval to Sell the First TPM Chip

• Award: Intel, 2013 For Enabling Support for IA In TEE Standards for Smart Terminals.

• Award: TCG President awards, Trusted Computing Group (2012).

• Award: Intel, 2011 Top Sales and Innovation.

Principal security engineer, Huawei Technologies. 2007 - 2011

• Research on network security and information security. Lead Offensive and Defensive Security teams providing operational and strategic planning and prioritizing the allocation of resources. Create clarity by concisely framing customer problems and needs, customer impact, solution description & feature requirements, dependencies.

• Lead Huawei trusted computing technology research. Serve as a team leader and program manager for multiple contracted research efforts.

• Lead “Research for security assessment of mobile intelligent terminal technology” (2011).

• Lead “security mechanism research on application security as the core of the trusted virtual monitor” (2009-2011).

• 2010 NADSS (Network Attack and Defense and System Safety conference) program committee member.

• Released ten patents on trusted computing technologies in 2007-2010. Award: ten Huawei Patents awards. (2008-2010).

Professor, University of Science and Technology Beijing. 2005-2007

• Offensive Research & Security Engineering on information system. Released two professional books, The Offense and Defense in Information System, Data Structure.

• Master’s degree advisor in cybersecurity. lecturer in Data structure, Information system security theory, cryptogram theory, watermark and information Hiding, EDUCATION

PHD in Computing Sciences. Research on Offense and Defense in Information System Huazhong University of Sciences and Technology, 09/2002-07/2005 Post Doctor: Graduate University of Chinese Academy of Sciences, 07/2006–06/2008 Research on cybersecurity in State Key Laboratory of Information Security. Executive MBA Programs, Robert H. Smith School of Business. University of Maryland. 04/2019– 09/2020

Contact this candidate