Lin Aung

I'm a dedicated Security Engineer with over five years of hands-on experience in penetration testing, red teaming, and offensive security operations. My focus is on helping organizations identify real-world vulnerabilities before adversaries can exploit them, whether it's through external perimeter testing, internal network assessments, phishing campaigns, or cloud-based compromise simulations.

Throughout my career, I've had the opportunity to work across a wide range of environments and industries, aligning my testing with compliance frameworks such as PCI DSS and NIST.

I hold certifications including OSCP, CRTO, PNPT, Pentest+, EJPT, and CEH, and I enjoy contributing to the community by mentoring and instructing others who are passionate about cybersecurity. Teaching has allowed me to stay sharp, share my experiences, and learn continuously from others in the field.

Cybersecurity professional with over six years of hands-on experience in offensive security, specializing in penetration testing, red teaming, adversary simulation, and phishing engagements. Proven ability to conduct full-scope assessments across internal networks, cloud environments, and web applications using tools such as Cobalt Strike, Burp Suite, Nessus, Impacket, and custom scripts in Python and PowerShell. Experienced in client-facing roles, delivering executive-level reporting and remediation guidance.

In addition to technical work, actively involved in cybersecurity education through platforms like Nexus Infosec, Wyzant, Tutor dot com, and ADPList, mentoring over seventy individuals. Contributed to the CompTIA PenTest Plus SME program, shaping industry certification content. Holds certifications including OSCP, PNPT, CRTO, Pentest Plus, CEH, and eJPT. Skilled in aligning offensive work with frameworks such as MITRE ATT&CK, OWASP Top Ten, and NIST 800-115.

Bachelor of Science in Computing with a focus on Networking, awarded by the University of Greenwich, United Kingdom. Graduated in 2021 with a GPA of 3.7. The program included in-depth coursework in network infrastructure, system administration, and security fundamentals, providing a strong technical foundation for a career in offensive cybersecurity.