Joel Teo, Developer in Singapore, Singapore
Joel is available for hire
Hire Joel

Joel Teo

Verified Expert  in Engineering

Security Engineer Developer

Location
Singapore, Singapore
Toptal Member Since
November 23, 2021

Joel is a security engineer at ADDX, where he and a colleague maintain the security posture of the entire company. His responsibilities are handling vulnerabilities, remediation, threat modeling, and spearhead initiatives to improve the security of the business' cloud environment. Joel loves to build things to solve or automate practical problems for the people around him and tries out new technologies and concepts that he comes across, such as Kubernetes, Serverless, and containers.

SecurityWeb SecurityMobile SecurityApplication SecurityCloudCloud InfrastructureAWS DevOpsCloud SecurityPythonAmazon Web Services (AWS)UnixDevOpsPenetration TestingLinuxAmazon S3 (AWS S3)NmapSDNNessus

Portfolio

ADDX
Amazon Web Services (AWS), Cloud Security, Web Security, Mobile Security...
Freelance
DevOps, Kubernetes, AWS CodePipeline, Go, Python, Bash, Git, Cloud Security...
Toptal Client
Amazon Web Services (AWS), Python, ASP.NET, Celery, Flask, Terraform...

Experience

Python - 5 yearsAmazon Web Services (AWS) - 5 yearsPenetration Testing - 4 yearsDevOps - 4 yearsSecurity - 4 yearsServerless - 3 yearsKubernetes - 2 yearsCloud Security - 2 years

Availability

Part-time

Preferred Environment

Python, Amazon Web Services (AWS), Kubernetes

The most amazing...

...project I've done is automate the log's collection from an API, which saved the time needed to issue triage by 80%.

Work Experience

Security Engineer

2021 - PRESENT
ADDX
  • Managed security operations and triage namely SIEM, internal penetration tests, threat modeling, red teaming, and MASNET announcements.
  • Configured the security of an AWS multi-account Office 365 infrastructure.
  • Dealt with external auditors and penetration testers like TRM and ISO 27001, among others. Reported to the senior manager on recommendations.
Technologies: Amazon Web Services (AWS), Cloud Security, Web Security, Mobile Security, Kubernetes, DevOps, Penetration Testing, Amazon EKS, Amazon EC2, Microservices, Amazon Elastic Container Service (Amazon ECS), AWS CodeCommit, AWS IAM, Application Security, Amazon RDS, AWS CloudFormation, ISO 27001, Git, Go, CI/CD Pipelines, Continuous Delivery (CD), AWS Lambda, Amazon S3 (AWS S3), Unix, Linux, Docker, Network Protocols, Ubuntu, Storage, GitHub, Software-defined Networking (SDN), Amazon Aurora, Blockchain, Ruby, Networks, Cloud Infrastructure, Amazon Simple Queue Service (SQS), Amazon Virtual Private Cloud (VPC), API Gateways, Cloud, GitLab CI/CD, Load Balancers, Shell, GitLab, Infrastructure as Code (IaC), IT Security, Amazon CloudWatch, AWS Certified DevOps Engineer, Shell Scripting, Containers, Jenkins, AWS DevOps

DevOps Engineer

2022 - 2022
Freelance
  • Built and maintained pipelines to automatically make containers and push Kubernetes configurations to the cluster.
  • Wrote documentation for developer teams to ensure that they learn how to use the pipelines and improve their efficiency.
  • Troubleshot and performed root cause analysis of issues found in existing production infrastructure, and built tests and procedures to prevent it from happening again.
Technologies: DevOps, Kubernetes, AWS CodePipeline, Go, Python, Bash, Git, Cloud Security, Site Reliability Engineering (SRE), Microservices, AWS CodeCommit, TypeScript, Node.js, CI/CD Pipelines, Continuous Delivery (CD), AWS Lambda, Amazon S3 (AWS S3), Unix, Linux, Docker, Google Cloud Platform (GCP), Google Cloud, Ansible, Network Protocols, Ubuntu, GitHub, Cloud Infrastructure, Amazon Virtual Private Cloud (VPC), AWS Auto Scaling, AWS Elastic Beanstalk, Cloud, Load Balancers, GitOps, Infrastructure as Code (IaC), Google Cloud Storage, IT Security, Amazon CloudWatch, AWS Certified DevOps Engineer, Shell Scripting, Containers, Jenkins, AWS DevOps

DevOps Engineer

2022 - 2022
Toptal Client
  • Rebuilt and restarted the application from the existing infrastructure without detailed instructions.
  • Troubleshot and fixed bugs present in the system to reduce user friction.
  • Streamlined Terraform code to create and destroy environments removing unnecessary additional variables and improving security.
Technologies: Amazon Web Services (AWS), Python, ASP.NET, Celery, Flask, Terraform, PostgreSQL, SQL, Amazon EC2, PHP, AWS IAM, Amazon RDS, AWS CloudFormation, CI/CD Pipelines, Continuous Delivery (CD), AWS Lambda, Linux, Docker, Google Cloud Platform (GCP), Google Cloud, Ansible, Network Protocols, Ubuntu, Storage, GitHub, Cloud Infrastructure, Amazon Virtual Private Cloud (VPC), API Gateways, AWS Auto Scaling, AWS Elastic Beanstalk, Cloud, Shell, GitLab, GitOps, Infrastructure as Code (IaC), Google Cloud Storage, IT Security, Amazon CloudWatch, AWS Certified DevOps Engineer, Shell Scripting, Containers, Jenkins, AWS DevOps

Security Consultant

2019 - 2021
SEC Consult
  • Managed projects as project leader. I was the point of contact for multiple clients in the financial sector.
  • Provided advisory and consultation to business units, business owners, and project teams regarding cloud security. Performed training and conducted projects as a cloud security SME.
  • Performed penetration testing, vulnerability assessment, and risk management services to clients.
Technologies: Burp Suite, Nessus, NMap, Kali Linux, Postman, Amazon EKS, Amazon EC2, Microservices, AWS IAM, Application Security, Amazon RDS, AWS CloudFormation, Git, CI/CD Pipelines, Azure, Amazon S3 (AWS S3), Unix, Linux, Docker, Network Protocols, Ubuntu, VMware, Cisco, Cisco Networking, GitHub, Software-defined Networking (SDN), Amazon Aurora, Networks, Cloud Infrastructure, Cloud, Shell, System Administration, IT Security, Shell Scripting, Containers, AWS DevOps

Price Aggregator for Multiple eCommerce Websites

A SPA-based application with an API for collecting prices for specific cards and compares them in a table. I built this project on my own, from the front and back-end code to the hosting and CICD pipeline.

Machine Learning Prediction Engine for HDB Houses

https://medium.com/@orangecola3/creating-and-using-a-machine-learning-model-with-aws-sagemaker-61818a39b769
A Python-based application for creating and using a machine learning model for predicting the estimated price of a house using AWS SageMaker and Amazon Elastic Compute Cloud (EC2) instances. The predictor was created using XGBoost and trained on GPU instances for scalability.

SecDevOps Pipeline Implementation

Created a DevOps pipeline to build and perform vulnerability assessment and source code scanning to increase developers' productivity and enforce security standards for built projects. Projects included both a Ruby-based web and a mobile application.

Two-tier Serverless Architecture

A two-tier architecture built on a combination of AWS to provide automatic scaling and monitoring for the application. A CI/CD pipeline was also created to make the application, perform testing, and automatically deploy the application if the tests pass.

Languages

Python, PHP, SQL, Bash, Go, TypeScript, Ruby

Tools

Amazon EKS, AWS IAM, GitHub, Amazon Virtual Private Cloud (VPC), Shell, Terraform, AWS CloudFormation, Amazon Cognito, AWS CodeCommit, Amazon Elastic Container Service (Amazon ECS), VMware, GitLab CI/CD, GitLab, Amazon CloudWatch, Jenkins, Nessus, NMap, Postman, AWS CodeBuild, Celery, Amazon SageMaker, Git, Ansible, Amazon Simple Queue Service (SQS)

Paradigms

DevOps, Penetration Testing, Microservices, Continuous Delivery (CD), Software-defined Networking (SDN)

Platforms

Kubernetes, Amazon Web Services (AWS), Linux, Unix, AWS Lambda, Amazon EC2, Ubuntu, AWS Elastic Beanstalk, Docker, Burp Suite, Kali Linux, Google Cloud Platform (GCP), Azure, Blockchain

Storage

Amazon S3 (AWS S3), Amazon Aurora, MySQL, Google Cloud Storage, Google Cloud, PostgreSQL, Amazon DynamoDB

Other

Cloud Security, Security, Web Security, Mobile Security, Application Security, Network Protocols, Cloud Infrastructure, Cloud, IT Security, Shell Scripting, AWS DevOps, Serverless, CI/CD Pipelines, Site Reliability Engineering (SRE), ISO 27001, Amazon RDS, Networks, API Gateways, AWS Auto Scaling, Load Balancers, System Administration, GitOps, Infrastructure as Code (IaC), AWS Certified DevOps Engineer, Containers, Machine Learning, AWS CodePipeline, Storage, Cisco, Cisco Networking, Prometheus

Frameworks

ASP.NET, Flask

Libraries/APIs

Node.js, React

FEBRUARY 2022 - FEBRUARY 2025

AWS Certified DevOps Engineer Professional

AWS

FEBRUARY 2022 - PRESENT

Certified Information Systems Security Professional

ISC2

JANUARY 2022 - JANUARY 2025

AWS Machine Learning Speciality

AWS

OCTOBER 2021 - OCTOBER 2024

Certified Kubernetes Administrator

CNCF

MARCH 2020 - MARCH 2022

Microsoft Certified | Azure Security Engineer Associate

Microsoft

MAY 2019 - MAY 2022

AWS Solutions Architect Professional

AWS

MARCH 2019 - MARCH 2022

AWS Certified Speciality | Security

AWS

FEBRUARY 2018 - PRESENT

Offensive Security Certified Professional

Offensive Security

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring