Vanessa Kong

Wesfarmers OneDigital is a multi-business corporate which has 3 business sectors: OnePass, OneData and Catch.com.au and. My day-to-day work here mainly involves interactions with OnePass and OneData, and sometimes will cover Catch as needed. My main contributions include the following:

- Leading and owning the CNAPP tool transitioning project from Orca to Wiz for OneDigital:

• Stakeholder management: including vendor assessment, involvement in communication with Wiz Account Manager on project progress, quote discussion, project planning, executive reporting, etc.
• Platform implementation: including Wiz POV deployment to critical AWS accounts, SSO and Access Package setup, SIEM integration, GitHub integration, issues and vulnerabilities review, fine tuning user access, etc.

- Developing Security in SDLC Roadmap.

- Developing PowerShell scripts for sending alerts on Microsoft Entra ID Application Registration secret expiry and Enterprise Application SAML certificate expiry to Slack, which ensures our platforms' availability and prevents any service outages caused by secret expiry.

- Conducting security design reviews: including infrastructure design reviews, security header reviews, ad hoc change reviews, etc.

- Collaboratively working with the Platform and IT Support team on application access management.

- Reviewing and managing AWS access.

- Contributing in development API standards.

- Contributing in documentation uplift.

- Contributing in Wiz and NoName BAU for Catch.

- Other BAU tasks: including Zscaler, Access Package requests, travel exemptions, etc.

- Mentoring other team members.

Brand Development Contribution:

Cyber@Mantel is a recently-established cybersecurity brand in Mantel Group, where there is quantities of internal initiatives to be done. My contribution include the following:

- Leading a team on developing in-house Incident Management solution:

• Developing project strategy.
• Working collaboratively with the team on doing technical research and brainstorming ideas for gamifying the solution and increased involvement across the company, as well as and developing user stories.
• Facilitating meetings with different stakeholders.
• Communicating with our continuous assurance platform team on solution integration and translate their needs/requirements into step-by-step plan for my team.
• Supporting team for any technical issues or blockers.

- Coaching and mentoring other team members:

• Taking ownership of the Mantel Group Traineeship program: developing project roadmap, mentoring the mentors, sprint planning, facilitating workshops, collecting feedback for the trainees, etc.
• Providing 1-on-1 mentorship to the Cyber trainee by helping her build personal development plan, guiding her on soft skills and answering her day-to-day questions on all aspects.
• Providing a long-term mentorship to other team members by catching up with them regularly, helping them build both short-term and long-term plans, etc.

- Involved in recruitment process and interviews

- Client project:

• Planned and conducted AWS cloud security assessment for the client both manually and using Plerion.
• Created and communicated plans with the client for migration and remediation on IAM, data protection, networking security and automation.
• Implemented migration and remediation steps, including introducing Infrastructure as Code (Terraform) and CI with OIDC configuration to the team, AWS Control Tower, rolling out SSO access for all the employees, implementing quick wins, migrating the workload to a new infrastructure following cloud security best practices, etc.
• Educated their employees for engineering best practices, including secret management, CI/CD management and so on, by providing documentation, learning resources, materials and workshops.

- Client Project 1:

• Helped them migrate one of their critical containerised applications from Azure to AWS using Terraform.
• Contributed more than 80% of the code.
• Implemented security best practices alongside the new infrastructure, including least privilege, secret management, networking security, etc.
• Collaborated with our tech lead to help the developers on continuous application troubleshooting.

- Client Project 2:

• Worked collaboratively with the team on deploying CSPM solution into their GitHub Actions pipeline using Cloud Conformity.
• Designed and implemented solutions for increasing the availability of GitHub Actions runners by 3 times and reducing disaster recovery time from around a few hours to just a few minutes.
• Monitored GitHub Actions runner performance using New Relic.

- Client Project 3:

• Designed and implemented solution for Integrating SIEM solution with AWS Security Hub, which afterwards was used as an example in a presentation in AWS Activation Day event delivered by our tech lead. I helped him on preparing the slide deck.
• Deployed Route 53 Resolver Firewall using Firewall Manager.
• Worked collaboratively with the team on developing golden images for Red Hat Linux and Amazon Linux 2 using EC2 Image Builder.
• Designed and initialised a Python script for cleaning up thousands of unused and legacy AMIs and associated EBS Snapshots across multiple AWS accounts. (Offboarded the client without finishing it)

Internal Initiatives:

• Cohosted a security workshop for both internal and client audience for 3 intakes in a row as well as developed lab content for it.
• Helped facilitating the Traineeship Program and provided support for the trainees.
• Helped facilitating and hosting meetups and events in our office.

Assisted the seniors on multiple projects on:

• Maintaining and expanding client's AWS platform.
• Monitoring misconfiguration alerts.
• Upgrading CI/CD pipelines.
• Application and server mapping and analysis, cost estimation and security risk analysis for a migration project.

Helped facilitate the Traineeship Program.

• Implemented and supported automated CI/CD processes (GitLab CI).
• Automated infrastructure and application deployment and provisioning.
• Deployed AWS security services using Terraform.