Johnny Kim

I’m majoring in cybersecurity at the University of North Carolina, and I have worked in the field of cybersecurity for over 20 years in the private and public sectors as a pentester and security policy maker.

Waxhaw, North Carolina, United States

About

Since taking office at the Ministry of Science and ICT in March 2009 as a deputy director, I have mainly improved the cyber security level of institutions in the public sector, especially various national infrastructure systems, through PT technology and inspecting on-site. After analyzing the causes of vulnerabilities and deriving solutions, I reflected on them to national security policy. I have researched cutting-edge attack technologies such as zero-day exploits, the attacks of the Internet of Things (IoT), and cloud infra. Through PT of black-box3 type, I could have found a variety of zero-day vulnerabilities such as some network separation systems, the JINDO framework developed by Naver company, some mail systems including Kebi, Crinity, and Terrace products, Secuway VPN equipment, groupware developed by Handysoft company, common ActiveX developed by Softforum company, and so on. At the Olympic Winter Games in PyeongChang 2018, held in Korea, as a cybersecurity manager, I found several vulnerabilities in game management systems and supervised fixing the problem instantly. In addition, to establish Korea's security compliance guidelines, I developed ISMS suitable for Korea's IT environment together with renowned security professors in Korea. To this end, I researched the international standard ISO/IEC 270015 and the FISMA in the US and also contributed to standardization by participating in international standardization conferences as a Korean representative in 2010 and 2014. Finally, as a practical manager, I supervised the Government Cyber Crisis Response Exercise in the public sector while planning, training, writing detailed scenarios, and participating directly as a member of the Red Team. I also got to make a partnership with NATO CCDCOE. Consequently, I participated in the Locked Shields9 exercise held in 2016 in Estonia. At this time, I researched cyber training in other countries to develop effective training techniques. Between 2021 and 2023, I was involved in a big data construction project to analyze and extract useful information to decide on national security policy. In the first step, raw data was integrated from various sources, including databases and web servers, which had spread across many federal departments. Next, I stored these raw data in the NoSQL database, MongoDB. Lastly, these data were extracted by searching queries and visualized using Python, which was reported to the final policy maker. I participated in all the steps and developed the Python programs to store raw data, query, analyze, and visualize.

Experience

  • Deputy Director at The Ministry of Science and ICT of the Republic of Korea
    Mar 2009 - Present · 17 yrs 5 mos

    1) Penetration Test & Analysis Vulnerability a) Implemented pentesting for 100 diverse infrastructure systems such as health, financial, electric, nuclear power plant, traffic control, flight and pension services, and so on b) Found zero-day vulnerabilities in various systems: N* Jindo JavaScript framework, Mail systems such as K* mail, C* mail, and T* mail, S* VPN, H* Groupware, S* ActiveX, and so on c) Analyzed cloud system vulnerability and guided adequate method d) Identified vulnerabilities of mobile applications such as chatting, meeting, and scheduling 2) Cyber Crisis Response Exercise a) Made exercise plans and crisis scenarios, and managed red teams c) Evaluated the crisis response level of participating organizations 3) Security Policy a) Established government cyber security strategy, policy, long-term roadmap 4) Cyber Security Management Level Assessment a) Established ISMS guidelines for the agencies and organizations in the public sector b) Evaluated the security level of organizations by scoring the result of on-site investigations 5) International Cyber Cooperation a) Made a partnership with NATO CCDCOE for cooperating with ‘The Locked Shield’ exercise in 2016 in Estonia b) Participated in ISO/IEC 27001 as a Korean representative in 2014 in Mexico and 2010 in Germany 6) Construction, Analysis, and Visualization of Big Data a) Constructed around 10 million data in Mongo DB automatically through parsing websites, documents, and other DB servers using Python b) Visualized big data using Python after analyzing and extracting 7) Improvement of the AWS Cloud System a) Analyzed and solved the issued query such as slow, deadlock, select_full_join, and full table scan query causing a bottleneck b) Discovered DB instances causing the low performance and scaled up them to db.r5.8xlarge c) Configured AWS and GPC infrastructure network for WEB, WAS, and DB, including setting up server instance, NAT IP, and firewall rule

  • Teaching Assistant at University of North Carolina at Charlotte
    Jan 2025 - May 2025 · 5 mos

    I worked as a TA for the professor, Chad Willson, thanks to the recommendation of the professor. Chenglogn Fu, in the class of "Securing Programming and Penetration Testing".

  • Manager at SK Telecom
    Sep 2006 - Feb 2009 · 2 yrs 6 mos

    1) Penetration Test & the Vulnerability of Telecom Service a) Found security vulnerabilities in mobile services such as messages, music, and game services and developed auto scan tool ① Discovered vulnerabilities in mobile service applications, such as malware upload, unprivileged command execution, and accessing customers’ private information ② Developed the auto scanning tool for the weakness of unnecessary opened service ports, system accounts, and so on by Python b) Discovered illegal accesses from hackers through the mobile gateway and made security checklists for examining the safety of OS systems and application services. c) Defined standard security guides for Windows, Unix, and DB (ORACLE, MSSQL) servers and applied these standards to IT assets 2) Network & Security Equipment Management a) Established and managed large-capacity firewalls and web firewalls ① Established and managed firewalls in 10 Gbps capacity mobile network ② Decided firewall policies according to features and importance of services ③ Applied firewall policies to block attacks against mobile services b) Managing Enterprise Security ① Enhancement of mobile network security by detecting and blocking attacks through various security equipment ② Made criteria for determining valid attacks and assessing the accuracy of detections ③ Collected logs from firewalls, web firewalls, IDS, IPS, and servers and analyzed the correlation among critical-level logs ④ Classified analyzed logs according to high-risk attacks for immediate response 3) Security Training for Technical and Non-technical Staff a) Reported web vulnerability based on OWASP 10 major vulnerabilities and real examples of the company’s security incidents and cyber threats b) Guided security policies to developers and operators for verifying input value, controlling improper access, XSS, SQL injection, and blocking DDoS Attacks

  • Security Team Leader at NEXON KOREA
    May 2005 - Aug 2006 · 1 yr 4 mos

    1) Penetration Test & Software Vulnerability a) Penetration test for network, web, and DB server vulnerabilities b) Discovered vulnerabilities of taking over the system admin right by cloning accounts and stealing passwords in the same network domain by sniffing c) Penetration test of using exploits against unpatched OS or application 2) Strategy and Governance for Enterprise Information Security a) Obtained an information security safety certificate b) Established company policies for technical, physical, and procedural security 3) Hacking Incident Response a) Discovered attack time, method, and route through the security logs and analyzed the malware hidden in the victim system by reverse engineering and forensic skill b) Developed malware detection tools to identify victim systems quickly c) Enhanced security policies to prevent extra security incidents

  • Developer at Cybertek Holdings
    Jan 2002 - Apr 2005 · 3 yrs 4 mos

    1) Development of the IDS and Firewall a) Development of alleviating false detections in IDS b) Analyzed the statistics of attack event logs and visualized attack patterns c) Development of COM module for encrypting and decrypting user information 2) Research the Security Equipment and Management of the Intranet & Internet service a) Operated Check Point Fw-1 (Israel firewall product) and CTWall (Korea firewall product) b) Researched IDS, IPS (Tipping point), and Web firewall (Imperva) Equipment for developing IDS c) Managed Homepage, DNS, mail server (Lotus Notes), antivirus (TrendMicro) system, and ERP DB (Oracle)