Benjamin Lim | Resume

Lim Binjie Benjamin

Email: mail@limbenjamin.com Web: https://limbenjamin.com

Experience

Senior Principal Engineer (MDR) | Dell Technologies2024 – Present

Principal Engineer (MDR) | Dell Technologies2021 – 2024

• Involved in set up of Managed Detection & Response (MDR) service from 0 to 800+ customers globally.
• Provided subject matter expertise on attack techniques, threat hunting and malware analysis.
• Supported launch of Proactive Cybersecurity services and integration of Threat Intel tools.
• As Cybersecurity Automation Team Lead, spearheaded development of Python WebApp to scale MDR.
    ○ Assigns alerts and investigations from multiple tenants to on-shift analysts on a single pane of glass.
    ○ Implement playbooks to automatically label alerts based on set criteria.
    ○ Generates reports and slides for customer review, as well as metrics for billing and reporting.
    ○ Used GenAI to review investigation quality and translate customer communications.
    ○ 180K Alerts, 28K investigations assigned, 2K customer reports, 9K investigations reviewed to date.
    ○ 4 geographically distributed instances. Automated CI/CD using Azure DevOps pipeline.
    ○ Led team of developers to optimize Web App and continue feature development.

Assistant Vice President (Red Team) | OCBC Bank2020 – 2021

• Rebuilt Red Team capability by drafting red team strategy, workplan and process documents.
• Conducted red team exercise and security assessments on endpoint and infrastructure.
• Developed custom implants and prepared attack plans for Intel-led threat scenarios.
○ Implants included a VBA macro which broke process ancestry by spawning an IE COM object.
• Mentored junior colleague on Red Team fundamentals.

Associate (Cyber Forensics) | Deutsche Bank2018 – 2020

• Performed data acquisition, recovery and forensic analysis of systems.
• Analysed malware compromise, policy violation and data exfiltration cases.
• Conducted Threat Hunting activities as part of feasibility trial.
○ Identified internal Red Team activity. Led to setup of permanent Threat Hunt team.
• Performed product evaluation and PoC testing on forensic tools.

Penetration Tester (Red Team) | Ministry of Defence2016 – 2018

• Performed "Assume Breach" black box Red Team engagements.
• Responsible for entire engagement from enumeration to exfiltration.
• Wrote custom tools and scripts for lateral movement and persistency.
• Researched on emerging Red Team tools and antivirus evasion techniques.

Courses & Certifications

GIAC Cloud Security Automation (GCSA)2024

Microsoft Security Administrator Associate (MS-500)2022

Microsoft Azure Security Engineer Associate (AZ-500)2022

Microsoft Security Operations Analyst Associate (SC-200)2022

Advanced Exploit Development for Penetration Testers (SEC760)2022

Offensive Security Certified Expert (OSCE)2020

GIAC Reverse Engineering Malware (GREM) - Expired2019 - 2023

GIAC Certified Forensic Analyst (GCFA)2018

CREST Registered Penetration Tester (CRT) - Expired2018 - 2021

CREST Practitioner Security Analyst (CPSA) - Expired2018 - 2021

Advanced Penetration Testing, Exploit Writing, and Ethical Hacking (SEC660)2017

Certified Information Systems Security Professional (CISSP) - Expired2017 - 2019

Offensive Security Certified Professional (OSCP)2017

Organizational Systems Security Analyst (OSSA)2016

Education

Master of Laws | The University of Edinburgh2023 - Present

Master of Laws in Information Technology Law

Bachelor of Computing (Distinction) | National University of Singapore2012 - 2015

• Bachelor of Computing (Information Systems) with Honours (Distinction)
• Specialization in Information Security
• Participated in an exchange program in US and internship in Switzerland

Misc

Others

• Submitted valid vulnerabilities to Bitdefender, FireEye & Sophos Bug Bounty program.2020 - 2022
• Top 10 team in open category of STACK the Flags CTF.2020
• Discovered currently unpatched method to crash Windows Event Logger Service.2020
• Completed the 6th annual Flare-On Challenge.2019
• Top 3 team in CLOUDSEC Challenge.2019
• Developed tools that log TCP connections, perform timestomping and other functions.2016 - Present

Awards

• Won the SEC660, FOR508, FOR610, SEC540, Core and Cyber Defense NetWars Coin
• Black Hat Asia 2015 Student Scholarship Recipient

Organizations & Volunteer Work

Repair Coach | Repair Kopitiam2023 – Present

• Community initiative to assist residents in repairing common household electrical goods (e.g. fans, ovens).

IT Commissioner | The Singapore Scout Association2022 – Present

Co-opted Member (IT Committee) | The Singapore Scout Association2020 – Present

• Currently drafting and executing the association's digital transformation roadmap.
• Initiatives include cashless donation, e-learning platform and digitalizing administrative processes.
• Prepared functional specifications document, performed penetration test and drafted IT security policy.

Board Member | GIAC Advisory Board2019