A Day in the Life

07 Mar 2022

Leong Xinni

Leong Xinni
Senior Engineer
Cybersecurity Programme Centre

Bachelor in Computer Science
Nanyang Technological University, Singapore, 2019

8:30 AM
I start my day by checking my emails and the status of my to-do list, while flagging important tasks and making quick mental notes on their progress. I also read up on the latest articles and papers written by cybersecurity researchers to update myself on cutting-edge security defences that we could potentially apply to our software.

9:00 AM
Being part of DSTA’s Cybersecurity Programme Centre’s Vulnerability Analysis team, we get to study new exploitation techniques used by adversaries and research ways to counter them. This is important because cybersecurity is constantly changing, and being able to dive deep to analyse the latest developments is a great way to stay abreast of trending attacks and the ways to counter them.

Needless to say, attacks may come from anywhere and there’s a growing need to safeguard our data and systems with top-notch tech. Defence cyber engineers need to be both well informed and technically competent to apply such knowledge gained to improve the robustness of our digital systems.

1:00 PM
My team and I used to hang out together a lot in the office, but since everyone is largely working from home now, our chat sessions have moved online. Some of us are avid sports fans or gamers, so our conversations are never focused on just work. Nevertheless, we still end up talking about the latest cyber trends out there – after all, we’re tech buffs at heart! My colleagues and bosses are my source of support when things get tough, and we voice problems that we face freely to one another, whether it’s related to work or our personal lives.

2:00 PM
After lunch, I usually conduct hands-on analysis of our internal software and applications, which involves examining the underlying machine code and learning about its structure and functions. I usually do this by reading its code and understanding how the defence techniques work.

Our team often gets together to share insights and exchange findings uncovered during our hands-on research. We’re always eager to share what we have learnt with one another, and these meetings help to leverage our combined expertise to solve problems. I enjoy these sharing sessions very much as I get to gain new knowledge, especially when my teammates raise possible solutions or case studies that I may not have previously thought of.

Apart from research, we also conduct cybersecurity assessments to ensure that systems are resilient and robust. This includes checking that settings are configured correctly, and reviewing vulnerability assessment reports. In 2019, I had the exciting opportunity to be involved in the Ministry of Defence (MINDEF) Bug Bounty Programme (BBP), where white-hat hackers from around the world were invited to test major internet-facing systems and websites belonging to MINDEF and the Singapore Armed Forces for vulnerabilities.

I was part of the BBP triage team, which was responsible for assessing the vulnerabilities submitted by the white-hat hackers and validating their severity. A few of the techniques used were definitely novel and interesting, and gave us fresh insights into how we could better strengthen our systems against cyber threats. In cyber, it is definitely important to keep a head above the crowd to stay updated with evolving tech!

6:00 PM
After a day of work, I usually wind down by donning a pair of running shoes and hitting the streets. I also take some time to go over the things I have learnt and pen down the next day’s to-do list.

I’m grateful that my work contributes to the building up of our nation’s digital defence, and that no two days are the same in DSTA. I enjoy working alongside like-minded engineers who are passionate in what they do, where we get to bounce ideas off one another and grow together as a team.


This article was first published in gradsingapore.com. Read the publication here.

BACK
TO TOP