Fengnan Wang Email and Phone Number

As a Senior Security Consultant in the AWS Professional Services team, I specialize in delivering exceptional AWS cloud security solutions and services for enterprise clients:1. Design and Implement AWS Cloud Security Infrastructure: Develop and implement secure infrastructure solutions based on AWS, ensuring the security and reliability of client workloads on the AWS cloud.2. Security Consultation for Digital Transformation: Provide security consulting services during clients' digital transformation, including hosting AWS cloud security training workshops to empower client teams with comprehensive knowledge of cloud security best practices and skills.3. AWS Cloud Security and Architectural Assessments: Conduct AWS cloud security assessments and architectural evaluations, offering clients a comprehensive security risk assessment and personalized security architecture recommendations.4. AWS Cloud Security Control Mapping for Compliance: Deliver AWS cloud security control mappings to meet compliance requirements, ensuring clients strictly adhere to industry standards and regulations within the cloud environment.5. Assistance in Secure Cloud Migration and Application Modernization: Collaborate with clients on secure cloud migration and application modernization journeys, ensuring a smooth transition while minimizing security risks.6. Implementation of AWS Native Security Services: Provide implementation services for AWS native security services, leveraging the latest security features from AWS to enhance the overall security posture of client systems.

As a Senior Security Consultant within the Microsoft Consulting Services division, specializing in delivering Microsoft security solutions and associated services tailored for enterprise clients:1. Zero Trust Security Framework Implementation: Applying Microsoft's "Zero Trust" security framework, establishing identity as the boundary and control plane. By integrating various services, designing and implementing cutting-edge Identity and Access Management (IAM) solutions.2. Multi-Layered Defense on Azure/M365 Cloud: Offering recommendations and solutions for the integration of multi-layered defense security systems on Microsoft Azure/M365 cloud, ensuring comprehensive security coverage.3. Microsoft M365 Cloud Security Components: Designing and implementing Microsoft M365 cloud security components, encompassing various services to comprehensively enhance client security.4. Threat Protection: Designing and implementing the Microsoft security operations framework with threat protection at its core. Leveraging multiple cloud security services and other cloud-native security services for efficient security management.5. Application Security with Security Development Lifecycle (SDL): Utilizing the Security Development Lifecycle (SDL) and implementation guides to provide application security recommendations, ensuring the security of client applications.6. On-Premise Security Solutions Implementation: Designing and implementing on-premise security solutions, including security hardening, privileged access management, privileged access workstations, and security assessments.7. Active Collaboration and Pre-Sales Technical Support: Actively collaborating and participating in security webinars, knowledge-sharing sessions, 1:1 enterprise discussions, and security training camps organized by the sales, marketing, services, and public cloud departments. Offering professional pre-sales technical support to both existing and potential enterprise clients.

As a Security Consultant with the Daimler China Application Security Team (outsourced), I specialize in providing comprehensive security analysis services for business departments:1. Utilize threat modeling techniques to gain a deep understanding of potential threats, offering security analysis services for applications and providing targeted security recommendations.2. Lead the design and review of application security infrastructure, ensuring the feasibility and robustness of system architecture from a security perspective to guarantee the overall security of applications.3. Implement cloud security risk assessments, conducting thorough analysis and evaluation to ensure applications in the cloud environment achieve the highest level of security, providing business departments with trustworthy cloud services.4. For identified security risks, deliver practical and feasible mitigation plans and recommendations to significantly enhance the overall security posture of systems.

Senior Network Security Engineer responsible for Razer's cloud production environment security configuration and leadership in enterprise security projects:1. Lead the secure configuration of Razer's production environment using AWS security best practices to ensure overall system stability and defense.2. Configure and execute Tenable.IO vulnerability scans in Razer's AWS environment, ensuring system robustness through comprehensive vulnerability detection.3. Monitor, investigate, and track error reports from the HackerOne platform and Razer Security Response Center to promptly identify and address potential security issues.4. Actively participate in the "Razer Pay" PCI DSS A-EP compliance program, conduct SAQ activities, coordinate recovery actions, and perform PCI ASV scans to ensure the payment system meets the highest security standards.5. Contribute to Razer's GDPR plan, conduct Privacy Impact Assessments (PIA), complete data registration, coordinate compliance activities, ensuring the privacy and security of personal data.6. Actively participate in the selection and deployment of WAF products, adding a Web Application Firewall for enhanced security at the web application layer.

As a member of the Sopra Steria Network Security Team (SOC), I specialize in providing network security services for the Singapore Land Transport Authority (LTA) and the aerospace industry (Airbus Group). Proficient in the following key areas:1. Network Security Intelligence and Threat Analysis: Conduct in-depth research and analysis of network security intelligence to formulate effective security strategies, ensuring robust protection by comprehensively assessing potential threats.2. Remote Security Incident Investigation: Swift and precise response to security incidents through remote investigation, minimizing the impact of potential threats and implementing timely countermeasures to safeguard client security.3. Operations Center Assurance: Ensure continuous monitoring of network security, promptly detecting and responding to any potential threats, safeguarding the secure operation of client businesses.4. Security Technology Consultation: Provide in-depth security technology consultation as a specialist advisor, assisting clients in developing and implementing innovative solutions to address the evolving threat landscape.5. Bid Preparation: Actively engage in bid preparation, offering solid support for the company to win new business opportunities by showcasing professional security knowledge and experience.6. Project Leadership: Lead project implementations, assuming a pivotal role in strict adherence to best practices and high standards, ensuring that delivered solutions not only meet client expectations but also achieve optimal levels of security.

As an Information Security Engineer and a member of the Airbus Asia-Pacific Network Security Team, I am responsible for overseeing internal security operations within the Airbus Group. My primary responsibilities include:1. Daily Security Operations: Handling security requests, responding to security incidents, conducting SOC alert investigations, and developing security operational procedures to ensure the daily security maintenance and monitoring of the company's network.2. Coordination and Implementation of Internal Security Projects: Coordinating and advancing internal security projects in accordance with the company's project management process. This involves deploying various security solutions, ISO27001 certification initiatives, and the deployment of DLP (Data Loss Prevention) & SIEM (Security Information and Event Management) systems.3. Security Tool Support: Assisting in security event investigations, analysis, response, and daily monitoring activities using internal security tools and systems to ensure the security of the systems.4. Preparation of Security Risk Assessments: Participating in the company's global compliance plan, internal and external audits related to ISMS ISO27001 certification, and handling post-audit corrective actions to ensure the company's compliance and security.5. Monitoring in Data Leakage Prevention Systems: Monitoring potential data leakage events within the data leakage prevention system and generating security monitoring dashboards on the security event management platform to support the timely identification and response to potential risks.6. Assessment of Unusual Security Requests: Evaluating abnormal security requests, participating in IT change management, and user security awareness training activities to enhance overall security literacy and awareness.

As an IT Engineer in the Project Management Office at Boxun Technology, responsible for supporting the team in delivering comprehensive enterprise IT integration solutions.

IT Service Desk Specialist, specializing in providing online customer IT technical support. Working in a diverse IT environment, resolving user desktop IT issues and/or incidents through online remote methods.

As a member of the IT Front Desk Team at Gemalto, responsible for providing IT support for the management office and research and development center.