Gabriel Tang

Director (Cyber Technology), Cybersecurity at DSTA

Singapore

About

Threat Risk Assessment, Secure Design and Vulnerability Assessment • Subject matter expert on threat risk assessment, secure design and vulnerability assessment • Lead security design and implementation • Execute joint workstreams/exchanges with global engineering teams from major technologies partners including cloud service providers, cyber solutions providers and cyber defence partners • Key Projects: Self-Built Cloud, CSP On-Prem Cloud, Dedicated ERP SaaS solutions, Enterprise Cross Domain Solution, etc. Cyber Research and Technology Development • Insights into sophisticated threats and capabilities • Direct multi-year cyber research projects in vulnerability analysis and custom cyber mitigations • Guide research teams on engineering priorities, threats, design and operational considerations • Areas of focus: Cloud security, Cross Domain Solutions, Container technology, Data Lost detection, SaaS Security, etc. Vulnerability Analysis and Research • More than 10 years technical experience in conducting vulnerability analysis • Key approaches in VA include understanding threat profile, ops & deployment scenarios and leveraging system design, app architectures, tech component deep dive, dynamic/static analysis or code review • Analyse vulnerabilities including operating systems defences, reverse engineering of vulnerabilities and development of custom mitigations. Strong proficiencies in C and assembly languages • Uncover vulnerabilities and design flaws and worked directly with developers on effective remediation. E.g. Web, SaaS, ERP, Authentication/Authorisation solutions, Security solutions, Cloud Services, etc. Cyber Training Responsibilities • Devise customised training to on-board new hires with emphasis on strengthening development skillset before deepening of cybersecurity competencies • Lecture regularly on cyber threats and cyber engineering approaches with live hacking demonstrations to convince communities on realism of threats

Experience

  • DSTA (20 yrs 1 mo)
    • Director (Cyber Technology), Cybersecurity
      Jan 2019 - Present · 7 yrs 6 mos

    • Head Capability Development (System Vulnerability & Analysis)
      Jul 2017 - Jan 2019 · 1 yr 7 mos

    • Head (Security Validation & Audit) / Development Programme Manager (System Vulnerability & Analysis)
      Jul 2015 - Jun 2017 · 2 yrs

  • Lecturer (Concurrent Appointment) at National University of Singapore
    Jun 2017 - Aug 2017 · 3 mos

    Masters of Defence Technology and Systems Programme (MDTS) in Temasek Defence Systems Institute (TDSI), NUS - Developed curriculum for Information Assurance module (DTS5715) - Delivered lectures and conducted examination

  • Software Developer at Nanyang Polytechnic
    2002 - 2006 · 4 yrs

    Web J2EE Portal Development, System Integration, Mobile Games