Brian Young

Senior Cybersecurity Engineer | CISSP | OSCP | RNCP Level 7 | Mentor

Singapore, Singapore

About

I am a cybersecurity engineer with a background in software engineering and systems architecture, experienced in both building and securing complex systems. My work spans offensive security, security research, and secure software engineering. In recent years, I have developed a growing interest in DevSecOps and security automation, with a focus on embedding security into engineering workflows and improving the way security testing is performed. I am particularly interested in application security, authorization testing, and exploring how AI can augment security engineering and secure software development practices. Beyond technical work, I care deeply about systems thinking, teaching, and mentoring engineers. I believe that strong systems are ultimately built by strong engineers, and I enjoy translating deep technical concepts into practical, scalable outcomes that teams can adopt and sustain. My professional journey has included unconventional learning paths, from being part of the pioneering cohort at 42 to earning the French RNCP Level 7 qualification and being recognised as Valedictorian for the University of Warwick MSc Cyber Security and Management programme. These experiences have reinforced my belief in lifelong learning, resilience, and giving back to the engineering community.

Experience

  • DSTA (Singapore · On-site)
    • Senior Cybersecurity Engineer
      Mar 2025 - Present · 1 yr 5 mos

      - Engineered Python-based security automation to replace manual access-control testing workflows and support scalable DevSecOps pipeline integration. - Evaluated testing approaches and engineered a headless proof-of-concept for repeatable security validation.

    • Cybersecurity Engineer
      Dec 2022 - Mar 2025 · 2 yrs 4 mos

      - Conducted mobile application security assurance through reverse engineering, control bypass analysis, and controlled validation of compliance risks. - Documented findings, mitigation recommendations, validation outcomes, and peer-reviewed vulnerability assessments for technical stakeholders.

  • Cybersecurity Analyst at Embrio Enterprises Pte Ltd
    Sep 2022 - Dec 2022 · 4 mos

    - Reviewed security architecture and infrastructure diagrams for internal and external clients. - Conducted Nessus-based vulnerability assessments and prepared management reports supporting ISO 27001 audit certification.

  • Freelance Software Developer / Postgraduate Cybersecurity Transition at Freelance; Self-employed IT professional
    Sep 2020 - Dec 2022 · 2 yrs 4 mos

    - Undertook selected freelance software development work while completing MSc Cyber Security and Management during COVID-19. - Built cybersecurity foundations across security risk, architecture, governance, and operations. - Completed qualitative research on Singapore IP camera users, linking user behaviour, security controls, and secure product design.

  • Senior Manufacturing Test Engineer at Verifone
    Mar 2020 - Sep 2020 · 7 mos

    - Collaborating with international colleagues on developing test applications for Verifone Point of Sales (POS) devices. - Improve existing test applications through research and development, reverse engineering.

  • Senior Lead Software Engineer at Insas Technology Berhad
    Jun 2018 - Oct 2019 · 1 yr 5 mos

    - Developed Augmented Reality applications for multimedia advertisements with Unity. - Published NUJOK mobile application on Android and iOS stores. - Promoted from Software Intern to Senior Software Lead.