Lim Binjie Benjamin
Web: https://limbenjamin.com
Experience
Principal Engineer | Dell TechnologiesFeb 2021 – Present
• Involved in set up of Managed Detection & Response (MDR) service from 0 to 200+ customers globally.
• Provided subject matter expertise on attack techniques and performed malware analysis.
• Implemented and executed monthly Threat Hunt for existing MDR customers.
• Developed and deployed Python Web App with Azure DevOps, allowing MDR service to scale.
    ○ Assigns alerts and investigations from multiple tenants to on shift analysts on a single pane of glass.
    ○ Implemented playbooks to automatically label alerts based on set criteria.
    ○ Generates reports and slides for customer review, as well as metrics for billing and reporting.
• Led team of developers to optimize Web App and continue feature development.
Cyber Defence Analyst (Red Team) | OCBC BankApr 2020 – Feb 2021
• Rebuilt Red Team capability by drafting red team strategy, workplan and process documents.
• Conducted red team exercise and security assessments on endpoint and infrastructure.
• Developed custom implants and prepared attack plans for Intel-led threat scenarios.
    ○ Implants included a VBA macro which broke process ancestry by spawning an IE COM object.
• Mentored junior colleague on Red Team fundamentals.
Cyber Forensics Specialist | Deutsche BankMay 2018 – Jan 2020
• Performed data acquisition, recovery and forensic analysis of systems.
• Analysed malware compromise, policy violation and data exfiltration cases.
• Conducted Threat Hunting activities as part of feasibility trial.
    ○ Identified internal Red Team activity. Led to setup of permanent Threat Hunt team.
• Performed product evaluation and PoC testing on forensic tools.
Penetration Tester (Red Team) | Ministry of DefenceFeb 2016 – May 2018
• Performed "Assume Breach" black box red team engagements.
• Responsible for entire engagement from enumeration to exfiltration.
• Wrote custom tools and scripts for lateral movement and persistency.
• Researched on emerging red team tools and antivirus evasion techniques.
Courses & Certifications
Security Administrator Associate (MS-500)Aug 2022
Azure Security Engineer Associate (AZ-500)Aug 2022
Security Operations Analyst Associate (SC-200)Jul 2022
Advanced Exploit Development for Penetration Testers (SEC760)Mar 2022
Offensive Security Certified Expert (OSCE)Jan 2020
GIAC Reverse Engineering Malware (GREM)Aug 2019
GIAC Certified Forensic Analyst (GCFA)Dec 2018
CREST Registered Penetration Tester (CRT) - ExpiredMay 2018 - Nov 2021
CREST Practitioner Security Analyst (CPSA) - ExpiredMay 2018 - Nov 2021
Advanced Penetration Testing, Exploit Writing, and Ethical Hacking (SEC660)Oct 2017
Certified Information Systems Security Professional (CISSP) - ExpiredOct 2017 - Jun 2019
Offensive Security Certified Professional (OSCP)Aug 2017
Organizational Systems Security Analyst (OSSA)Oct 2016
Misc
Others
• Submitted valid vulnerabilities to Bitdefender, FireEye & Sophos Bug Bounty program.2020 - 2022
• Top 10 team in open category of STACK the Flags CTF.Dec 2020
• Discovered currently unpatched method to crash Windows Event Logger Service.Oct 2020
• Completed the 6th annual Flare-On Challenge.Sep 2019
• Top 3 team in CLOUDSEC Challenge.Aug 2019
• Developed tools that log TCP connections, perform timestomping and other functions.2016 - Present
Awards
• Won the SEC660, FOR508, FOR610, Core and Cyber Defense NetWars Coin
• Black Hat Asia 2015 Student Scholarship Recipient
CVEs
CVE-2017-14126, CVE-2017-14766, CVE-2018-3810, CVE-2018-3811, CVE-2019-13344
Organizations & Volunteer Work
Assistant IT Commissioner | The Singapore Scout AssociationJan 2022 – Present
Co-opted Member (IT Committee) | The Singapore Scout AssociationJan 2020 – Present

• Currently drafting and executing the association's digital transformation roadmap.
• Initiatives include cashless donation, e-learning platform and digitalizing administrative processes.
• Prepared functional specifications document, performed penetration test and drafted IT security policy.
Board Member | GIAC Advisory BoardAug 2019
Education
Bachelor of Computing (Honours) | National University of SingaporeAug 2012 - Dec 2015
Bachelor of Computing (Information Systems) with Honours (Distinction)
Specialization in Information Security