Hello, I'm Thien Hong

vCISO | System Architect | Cloud Security Specialist | macOS & Windows Expert

Virtual Chief Information Security Officer and accomplished system architect with 8+ years of experience leading security initiatives, designing secure IT infrastructures, and managing high-security environments. Specializing in strategic security leadership, cloud solutions, and organizational risk management.

Contact Me

About Me

I'm a Virtual Chief Information Security Officer (vCISO) and accomplished System Architect with over 8 years of experience providing strategic security leadership and designing secure IT infrastructures in high-security environments. My expertise spans cybersecurity strategy, risk management, compliance oversight, and cloud security architecture.

In my vCISO role, I provide executive-level security guidance, develop comprehensive cybersecurity programs, and lead organizational security initiatives. I excel at translating complex security requirements into actionable strategies that align with business objectives while maintaining the highest security standards.

Throughout my career, I've demonstrated expertise in security program management, incident response planning, regulatory compliance, and leveraging cutting-edge technologies to enhance organizational security posture through automation and innovation.

Pronouns: He/Him/His

vCISO Leadership

Virtual Chief Information Security Officer providing strategic security leadership, risk management, and executive-level security oversight.

Strategic Planning

Developing and implementing comprehensive cybersecurity strategies aligned with business objectives and regulatory requirements.

Risk Management

Expert in security risk assessment, vulnerability management, and compliance frameworks including DISA/STIG and HIPAA standards.

Cloud Security Architecture

Specialized in AWS, Google Workspace, and Microsoft 365 security with proven track record in secure cloud migrations.

Security Team Leadership

Successfully led security teams and IT professionals of 30+ in mission-critical infrastructure and security projects.

Compliance Mastery

DOE Q Security Clearance with extensive experience in high-security environments, incident response, and regulatory compliance.

Proven Results

8+ years delivering secure, scalable solutions that enhance organizational security posture and operational efficiency.

Security Automation

Driving security automation through AI and API integrations to maximize efficiency and reduce human error in security operations.

Core Skills

Comprehensive security leadership and technical expertise built over 8+ years, spanning from strategic vCISO responsibilities to hands-on security implementation and infrastructure management.

vCISO & Security Leadership

Strategic Security Planning & Program Management

Executive Risk Communication & Board Reporting

Security Budget Planning & Resource Allocation

Vendor Security Assessment & Third-Party Risk Management

Security Policy Development & Governance

Regulatory Compliance Strategy (DISA/STIG, HIPAA, SOC 2)

Risk Management & Compliance

Enterprise Risk Assessment & Vulnerability Management

Security Framework Implementation (NIST, ISO 27001)

Incident Response Planning & Crisis Management

Business Continuity & Disaster Recovery Planning

Security Awareness Training & Culture Development

Audit Coordination & Remediation Planning

Security Operations & Incident Response

Security Operations Center (SOC) Management

Incident Response & Forensics Coordination

Threat Intelligence & Security Monitoring

Endpoint Detection & Response (EDR) Strategy

Security Metrics & KPI Development

Crisis Communication & Stakeholder Management

Cloud Security & Infrastructure

Cloud Security Architecture (AWS, OpenShift, Docker, Kubernetes)

Google Workspace & Microsoft 365 Security Administration

Zero Trust Architecture Implementation

Identity & Access Management (IAM) Strategy

Data Protection & Encryption Management

Secure Cloud Migration Planning

Endpoint Security Management

Endpoint Protection Platform (EPP) Strategy

Mobile Device Management (MDM) & BYOD Policies

Privileged Access Management (PAM)

Security Configuration Management

Patch Management & Vulnerability Remediation

Device Compliance & Monitoring (Jamf, Addigy, SCCM)

Security Leadership & Team Management

Security Team Leadership & Development

Cross-functional Security Collaboration

Executive Stakeholder Management

Security Training Program Development

Led teams of 30+ IT & Security professionals

Security Culture & Awareness Initiatives

Security Automation & Tools

Security Automation & Orchestration

Shell & PowerShell Security Scripting

Security Information Event Management (SIEM) - Splunk

API Security & Integration

Security Tool Integration & Management

AI-Driven Security Analytics

Technical Security Infrastructure

Network Security Architecture & Segmentation

Linux Security (RHEL), OpenShift 4 Security

Container Security (Docker, Kubernetes)

VPN Security Management (Palo Alto)

DNS Security & Filtering Implementation

Advanced Threat Detection Tools

Technical Tools

A comprehensive toolkit of platforms, services, and technologies that I use to deliver robust IT infrastructure solutions.

Platforms

macOS

Windows

Linux (RHEL)

OpenShift 4

Cloud Services

AWS

Google Workspace

Microsoft 365

Management Tools

Jamf

Addigy

ManageEngine

Docker

Kubernetes

SCCM

Splunk

Printer Logic

Scripting Languages

Bash

PowerShell

Shell

Google Script

Apple Script

Javascript