Prior to joining Kroll, Tam was the managing director of PwC Singapore’s threat and incident management team. He built and led the cyber red team to conduct various penetration testing, red and purple teaming exercises for clients across sectors to improve their cybersecurity postures and resilience against cyber attacks. He assisted organizations in their response to cyber incidents and data breaches caused by ransomware, business email compromise, advanced persistent threat, third-party compromise and other cyber attacks. And developed the architecture for a threat hunting and log analytics platform for compromise assessments for clients in APAC. He also designed and conducted various cyber tabletop exercises for clients in the health care and public sectors in Singapore.
Before that, Tam was the technical and security assessment service lead at KPMG Singapore. He managed and performed multiple threat and vulnerability assessments, cyber security maturity assessments, cyber resiliency assessment engagements and Payment Card Industry Data Security Standard (PCI DSS) and ISO27001 gap assessments for clients across industries in Singapore and Southeast Asia. Tam also held a security consultant role with MWR InfoSecurity that focused on security assurance services and researching emerging technologies related to security.
Tam regularly contributes to the security community and speaks frequently at security conferences in the region. He has participated in various hacking competitions and was named the champion of the Syscan Secure Coding competition in 2011. Additionally, his research on zero-day vulnerabilities was acknowledged by a global ERP software company.
Tam is currently a member of Executive Committee for Association of Information Security in Singapore and an adjunct lecturer at Singapore Polytechnics.
Education and Certifications
- Bachelor of Computer Science (Honours), National University of Singapore
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Offensive Security Certified Professional (OSCP)
- GIAC-Certified Forensic Examiner (GCFE)
- Certified Blockchain Security Professional (CBSP)
- Amazon Web Services Security Specialty
- AWS-Certified Solution Architecture – Associate
- Microsoft Certified – Azure Fundamentals
