
Jielin Wong
Verified Expert in Engineering
Security Architect and Developer
Beijing, China
Toptal member since October 18, 2022
Jielin has twelve years of experience in security. After graduating, Jielin joined one of the most famous security companies in China, NSFOCUS, where he was in charge of WAF rule design and defense function. Later he went to a startup to lead the whole company's security and to an AI unicorn company, where he designed the cloud security architecture. Now, Jielin is focused on cloud security architecture design, SAST, and penetration testing.
Portfolio
Experience
- Shell - 12 years
- Penetration Testing - 12 years
- Linux - 12 years
- Metasploit - 10 years
- Python 3 - 10 years
- Security Architecture - 10 years
- Threat Modeling - 8 years
- Amazon Web Services (AWS) - 3 years
Preferred Environment
Linux, Go, Python 3, MacOS, Visual Studio Code (VS Code)
The most amazing thing I've designed is security architecture for a cloud platform.
Work Experience
Security Architect
SenseTime
- Conducted product security testing and cloud security architecture design.
- Designed the honeypot system, traffic monitoring system, and threat intelligence system.
- Helped the company implement a security baseline design for Kubernetes and a Docker image scanning architecture design.
- Received the best employee award in 2020 for my outstanding work in designing the security architecture of the cloud platform.
Security Engineer
SenseTime
- Oversaw the security testing of the entire SenseTime product, completing over 80 different products in total, including API scanning, fuzz testing, and firmware device testing.
- Performed penetration testing of the entire cloud platform, during which configuration permission issues were used to get AD administrator privileges.
- Designed an automated API scanning system, which can save fuzz time.
Security Architect
Smartisan
- Managed the whole company's security, including security architecture design, security scanning tool development, and penetration testing.
- Designed a honeypot system and a traffic monitoring system in the company and also developed a bug bounty platform in cooperation with my colleagues.
- Designed a basic zero-trust model based on Tencent Cloud.
Security Engineer
NSFOCUS
- Improved security by analyzing scanner attack samples and other web security attack techniques while adding responsive security rules based on different attack methods.
- Conducted internal product penetration testing.
- Provided technical support for DDoS products, helping customers defend themselves against large-scale DDoS attacks by configuring rules.
- Received the best new employee award in my first year of employment.
Experience
Threat Intelligence Platform
MAIN FEATURES
• Getting the IPs in traffic monitoring and comparing them with the malicious IP list.
• Getting the traffic monitoring access domain and comparing it with the domain in the open-source threat intelligence.
• Implementing a timing task agent based on Celery, which is used to download data from the open-source threat intelligence platform.
• Designing and implementing a task queue for the threat intelligence platform based on RabbitMQ, which is used to query for unhit data from the open-source threat intelligence platform.
Cloud Platform Security Architecture Design
Designed a Bro-based network traffic monitoring tool that can monitor the IP quintet and domain access information of the platform. I also developed threat intelligence for querying public IPs and domain names to discover unknown risks. Monitored the intranet for malicious scans and other behaviors based on TCP flag statistics.
KUBERNETES SECURITY BASELINE DESIGN
I used Kube-bench and Kube-hunter to perform basic security scanning of Kubernetes to meet the security baseline requirements.
DOCKER IMAGE SECURITY SCANNING DESIGN
Used ClamAV and Clair to implement Docker's image scanning architecture, which can solve the risk of malicious files in the image and the use of vulnerable components.
OSQUERY-BASED HOST MONITORING
I designed osquery-based host monitoring rules and infrastructure to detect reverse shells and malicious processes.
Automated API Fuzz Tool Based on Mitmproxy
Education
Bachelor's Degree in Information Security
Guizhou University - Guizhou, China
Certifications
AWS Certified Security – Specialty Certification
Amazon Web Services
Certified Red Team Professional (CRTP)
Pentester Academy
Offensive Security Certified Professional (OSCP)
Offensive Security
Certified Information Systems Security Professional (CISSP)
(ISC)²
Skills
Libraries/APIs
Vue
Tools
Shell, Metasploit, RabbitMQ, Celery, Osquery, Sqlmap
Languages
Python 3, Python, Go
Paradigms
Penetration Testing, REST
Platforms
Linux, Amazon Web Services (AWS), MacOS, Visual Studio Code (VS Code), Docker, Kubernetes, Windows, Burp Suite
Frameworks
ASM, Windows PowerShell, Django
Storage
Azure Active Directory, MongoDB
Other
Threat Modeling, Security Architecture, Ethical Hacking, Networking, Crypto, Data Encryption, Reverse Engineering, Cloud, Active Directory Federation, Threat Intelligence, XSS Testing