ABOUT ME
A fourth-year Cybersecurity student expanding skills in Network Engineering. Possesses a solid foundation in security and penetration testing (Pentesting), enhancing a security- rst mindset in network design and operations. Seeking a Network Engineer position to leverage networking and security expertise in ensuring infrastructure performance and security for enterprises.
Ngo Bui Truong Vu
Security Engineer
15/10/2003 Cau Giay, Ha Noi 039******* ****************@*****.*** 1 of 2 - ©VietCV.io
ACTIVITIES
HOBBIES
Finding and exploiting
security vulnerabilities
Researching and testing
new a ack techniques
Participating in CTF
(Capture The Flag) and Bug
Bounty programs
Reading security
documentation, blogs, and
forums
h ps://www.cve.org/CVERecord
id=CVE-2025-46481
h ps://www.cve.org/CVERecord
id=CVE-2025-47629
h ps://www.cve.org/CVERecord
id=CVE-2025-47537
h ps://www.cve.org/CVERecord
id=CVE-2025-47538
h ps://www.cve.org/CVERecord
id=CVE-2025-47643
h ps://www.cve.org/CVERecord
id=CVE-2025-47683
PENTESTER INTERN
FORE CO., LTD & SUGANUMA August 2023 - Present
PENTEST CONTRIBUTOR
CENTER OF SOFTWARE ENGINEERING - DUY TAN
UNIVERSITY
May
2024 -
September
2024
PURPLE TEAM
IPSIP VIET NAM June 2025 - February 2026
WORK EXPERIENCES
Participated in the BlueRock training project at Fore Co., Ltd. in collaboration with Suganuma. Worked on real projects to discover, analyze, and report security vulnerabilities and propose remediation measures. Performed penetration testing (web) for both demo and real projects, participated in Bug Bounty activities (demo and real), and conducted vulnerability diagnostics for demo and production environments. Used tools such as Metasploit, Burp Suite, and Nmap to simulate a acks and validate ndings.
Participated in, accessed and tested the school's network system, assisted in assessing, testing and improving the security of the IT system. Reported detailed vulnerabilities on all school websites and proposed solutions. Additionally, I was given the opportunity to research new technologies and trends in the eld of network security, develop tools and integrate automation to support pentesting work. Identi ed and reported over 20 Low to Critical vulnerabilities in a timely manner
Worked as a Purple Team member at IPSIP, bridging Red and Blue operations to enhance overall security posture. Conducted a ack simulations to evaluate detection and response capabilities across SIEM, SOAR, SEKOIA, and SentinelOne platforms. Analyzed logs from rewalls, servers, and endpoints, tuned detection rules, reduced false positives, and improved incident response e ectiveness through close collaboration with SOC teams 2 of 2 - ©VietCV.io
SKILLS
OS (Ubuntu, Windows Server,
KaliLinux, MACOS)
Python, PHP
Ability to evaluate source code
of web/mobile applications and
perform Black-box/Gray-box
penetration testing.
NodeJS, JavaScript
BurpSuite, Metaploit, ZAP,
Nmap
Cloud & Virtualization: AWS,
Azure, VMware, Docker
Teamwork
ENGLISH
LANGUAGES
Intermediate English
Communication (TOIEC ~550)
SOC ANALYST
CMC TELECOM (ONSITE TECHCOMBANK) March 2026 - Present HANDS-ON PRACTICE
WEB PENTEST HTB AND CTF
UNDERGRADUATE
DUY TAN UNIVERSITY August 2021 - August 2025
EDUCATION
Responsible for monitoring system security 24/7 via SIEM, EDR, SOAR, and SOC tools; performing triage and alert analysis to assess severity and prioritize remediation. Tasks include analyzing logs from rewalls, endpoints, and servers to detect a ack signs, coordinating investigations, and handling incident responses.
-Hack The Box (HTB): Practice security testing on real systems, exploit vulnerabilities, escalate privileges and evaluate the security level of the system.
-PortSwigger Web Security: Complete 80% of the lab with exercises on exploiting web vulnerabilities such as SQL Injection, XSS, SSRF, IDOR
-Capture The Flag (CTF): Participate in cybersecurity competitions with challenges on Web, Forensics, Crypto, Reverse
GPA: 3.4/4.0
*Capstone Project 1 ( SCIENTIFIC RESEACH) : Deploy An Identify And Access - -
- Management Solution With FreeIPA For Enterprise (FIMAS) Focusing on deploying an Identity and Access Management (IAM) system for enterprises using FreeIPA, an open-source solution that manages users, groups, access permissions, and centralized authentication.
*Capstone Project 2 (SCIENTIFIC RESEACH): Applying Machine Learning to Enhance Automated Incident Response (ML-AIR)
- Focusing on the application of Machine Learning (ML) in automated incident response systems to detect threats, provide early warnings, and proactively mitigate a acks, thereby reducing the workload for Security Operations Centers (SOC).