HE W.

Red Team Hacker @ Sophos | TLPT | Adversary Simulation | CVEs in Google · Anthropic · GitHub · IBM | OSCP · OSEP

Tokyo, Japan

About

Offensive security practitioner at Sophos, operating within the Secureworks Counter Threat Unit (CTU™) Adversary Group (SwAG) Delivering full-scope threat-led penetration testing, adversary simulation, and red team engagements for enterprise clients in Japan and globally. ============================ 🏆 Hall of Fame & CVEs ============================ 20+ CVEs assigned across MITRE and major vendor CNAs Hall of Fame recognition + high-impact disclosures 7 IPA acknowledgments (Japan national process) - Google - Anthropic - IBM - GitHub(World’s first publicly disclosed GitHub MCP Vulnerability) - Linux - Rapid7 - Rakuten - MISP - Mercari - BANDAI NAMCO - Sky - Neo4j - Keysight - Lumen - Clarivate - VLC Media Player - dbt Labs - Contentful - Obot AI - and others ============================ 🚩 TECHNICAL FOCUS ============================ – Threat-led penetration testing and red team operations – Adversary emulation aligned to nation-state TTPs – Initial access tradecraft and phishing simulation – Active Directory attack paths and domain compromise – C2 infrastructure design, deployment, and operation – EDR/XDR evasion and custom offensive tooling – Exploit development and vulnerability research – Web application, API, and cloud security across AWS, Azure, and OCI – Engagement design, planning, and technical delivery ============================ 🪪 CERTIFICATIONS ============================ OSEP · OSCP · CARTP · OSWP · PNPT · KLCP · AWS Security Specialty ============================ 💼 WHAT I’M LOOKING FOR ============================ – Hands-on offensive security roles with 80%+ technical execution – Best aligned with Red Team, Penetration Testing, Adversary Simulation, and Vulnerability Research – Not pursuing SES/staffing-model consulting, SOC, blue team, GRC, or corporate security program management tracks – Open to outreach where the role is clearly centered on offensive technical execution ============================ 📩 CONTACT PREFERENCE ============================ – I generally do not respond to mass-generated outreach, messages that clearly have not read my profile, or messages that treat a reply as consent to data registration – I do not discuss confidential certification exam content

Experience

  • Penetration Testing Analyst - Counter Threat Unit (CTU) at Sophos
    Mar 2026 - Present · 5 mos

    Member of the Secureworks CTU™ Adversary Group (SwAG) within Sophos Advisory Services, delivering threat-led red team operations and TLPT engagements for enterprise clients, emulating TTPs of nation-state and financially motivated threat actors. · Conduct Threat-Led Penetration Testing (TLPT) and Red Team engagements simulating advanced adversary behavior across enterprise environments · Design and operate C2 infrastructure supporting full red team campaigns · Execute initial access operations including adversarial phishing simulation and social engineering · Perform full-scope Active Directory attack path analysis, domain compromise, and lateral movement · Develop and deploy EDR/XDR evasion techniques against modern endpoint defenses · Execute web application, API, and network infrastructure penetration testing · Deliver cloud security assessments and adversary simulation across hybrid environments (AWS, Azure, OCI) · Conduct vulnerability research and exploit development · Lead engagement planning, scope definition, and client-facing project management across concurrent red team operations

  • Penetration Testing Engineer at TIS Inc.
    Feb 2025 - Mar 2026 · 1 yr 2 mos

    Member of the Japan Penetration Testing Team, conducting offensive security engagements for enterprise clients across multiple domains. • Performed web application, API, Active Directory, and network infrastructure penetration testing • Executed end-to-end attack simulations including internal network penetration at client sites • Assessed hybrid environments spanning on-premises Active Directory to cloud • Conducted EDR evasion testing against enterprise endpoint security solutions • Developed proof-of-concept exploits and contributed to vulnerability research • Authored technical articles on cybersecurity topics for the company's public-facing blog

  • Security Analyst at DXC Technology
    Apr 2023 - Feb 2025 · 1 yr 11 mos

    Started on the Japan CSIRT Team handling defensive operations, then expanded scope to the APAC Vulnerability Assessment Team conducting offensive security work across the region. Japan CSIRT Team: • Operated and maintained WAF, EDR, and SIEM platforms for client environments • Performed log analysis, alert triage, and incident investigation • Conducted internal penetration testing and vulnerability assessments • Supported proposal development including technical scoping and cost estimation APAC Vulnerability Assessment Team: • Delivered penetration testing and vulnerability assessments for clients across the Asia-Pacific region

  • Vulnerability Analyst - Butian Vulnerability Response Platform at Qihoo 360
    Aug 2016 - May 2018 · 1 yr 10 mos

    Reviewed and triaged vulnerability submissions from external security researchers on one of China's largest vulnerability disclosure platforms. • Validated reported vulnerabilities by reproducing findings and verifying technical accuracy • Assessed severity and business impact using standardized rating criteria (CVSS-based) • Provided feedback to researchers on report quality, proof-of-concept completeness, and disclosure scope • Processed submissions spanning web application vulnerabilities, network infrastructure issues, and access control flaws

  • Security Researcher at WooYun Vulnerability Disclosure Platform
    Dec 2015 - Jun 2016 · 7 mos

    Conducted independent vulnerability research on web applications through China's leading vulnerability disclosure platform. Identified and responsibly disclosed security vulnerabilities across multiple organizations, including issues in authentication, access control, and injection-based attack vectors. • Performed manual testing to discover vulnerabilities in real-world production systems • Wrote detailed vulnerability reports with reproduction steps and remediation guidance • Built foundational skills in web application security that led to a career in professional penetration testing