[저자소개]

[Korean Edition]

한국판 Microsoft(사) 설립을 꿈꾸며 고려대학교에서 정보공학 공부를 시작했다. 2003년 보안으로 인한 피해를 최소화하는 데 이바지하고자 고려대학교 정보보호대학원에 진학함과 동시에 소프트웨어 개발 역량을 바탕으로 세상을 이롭게 하는 제품을 만드는 데도 기여하고 싶어 삼성전자 소프트웨어 멤버십 활동을 병행하였다. 이때 대검찰청 사이버수사대 해킹 강의, 국가보안기술연구소의 프로젝트를 성공리에 마치며 관련 특허 등록은 물론 실제 기업으로 기술이전 하는데도 기여를 했다.

2005년 당시 삼성전자 소프트웨어 멤버십 졸업자에게는 삼성전자 취업과 함께 자신이 가고 싶은 부서를 직접 선택할 수 있는 혜택이 주어져 당장 어떤 하나의 기능만을 담당하는 것보다는 내가 몸담을 기업의 전반을 먼저 이해하는 것이 좋겠다고 판단했다. 이에 삼성전자 CTO 전략실 산하에서 상품기획부터 디자인, 개발, 양산, 판매에 이르는 삼성전자 전체 프로세스를 디자인하고 변화를 관리하는 조직으로 우선 입사하여 기업인으로서의 내공을 쌓았다. 이때 부서장과 부서원 사이에 더욱 원활한 소통 채널을 만드는 역할(CA, Change Agent)을 맡았다가 우수상을 받은 것을 시작으로 노사협의회 활동까지 했다.

2009년 기업에 대한 기본적인 이해가 되었다고 판단하고 본래 전공인 보안을 살려 기업보안을 담당하는 조직으로 이동하여 해당 조직의 IT 보안 기반을 닦았다. 이때 전사 임직원 보안 의식 개선을 위한 정보보호 강의 활동을 하며 전사 우수 강사로 인정받기도 했다. 2013년에는 인도를 중심으로 한 서남아 총괄 최초의 보안 주재원으로 부임하여 해당 지역에 있는 다양한 법인들에 대한 보안조직 구성, 보안체계 설계 등 보안 전반에 걸친 기반을 닦으며 외부 해커 대응 등 다양한 활동을 수행했다.

2016년 다시 한국으로 복귀하며 맡았던 조직에서 공교롭게도 부임하자마자 악성코드 감염률이 급격히 높아지자 체감형 사이버 침투 훈련 체계를 직접 구축하여 시행한 것은 물론, 그렇게 시행한 결과를 가지고 전 임직원을 대상으로 찾아가는 맞춤형 보안 컨설팅 교육과 연계함으로써 악성코드 감염률 제로화를 달성했으며, 2019년 반도체(DS) 부문의 진단조사파트장으로 자리를 옮겨 각종 점검 및 진단 활동을 통하여 대한민국 반도체 산업의 보안 수준을 높이는데 미약하게나마 이바지하고자 노력해오다 2022년 1월부터 취약점 분석 파트장으로서 RED Team을 이끌고 있다.

https://tedlee.be
tedlee@tedlee.be

 

[English Edition]

The author started studying information engineering at Korea University with the dream of establishing a Korean version of Microsoft. In 2003, he entered Korea University's Graduate School of Information Security to contribute to minimizing the damage caused by security issues. At the same time, he also participated in Samsung Electronics' software membership activities to contribute to making products that benefit the world based on his software development capabilities. During this period, he successfully completed a lecture on hacking by the Supreme Prosecutors' Office's Cyber Investigation Unit and a project at the National Security Research Institute(NSRI), contributing to not only registering related patents but also transferring the technology to companies.

In 2005, Samsung Electronics software membership graduates had the advantage of being able to choose the department they wanted to go to at the same time as getting a job at Samsung Electronics. The author decided that it would be better to work in a department that can understand the overall company in which he will work rather than working in a department that is responsible for only one function at the beginning of his career. So, the author firstly started to build up his skills as an entrepreneur by joining the department under the CTO Strategy Office, which designs and manages changes in the entire Samsung Electronics process from product planning to design, development, mass production, and sales. At this time, the author also worked as a member of the labor-management council, starting with the award of excellence while performing the CA role - an abbreviation for Change Agent, which creates a smoother communication channel between the department head and department members.

In 2009, judging that he completed to have a basic understanding of the entire company, the author moved to the department in charge of corporate security to utilize his original major - information security - and laid the foundation for the organization's IT security. At this time, he worked as an information security instructor to improve the security awareness of company-wide employees and was recognized as an excellent instructor. After being dispatched as the first security officer of SWA RHQ(SouthWest Asia Regional Headquarter) centered on India, in 2013, the author laid the security foundation - building a security organization, designing a security system and etc. - for many affiliated corporations in the region and performed various activities such as responding to hackers.

When the author returned to Korea and took charge of the organization in 2016, the rate of malicious code infection of the organization was too high, so the author himself built and implemented a tangible cyber penetration training system. In addition, as a result of linking the tangible cyber penetration training results with customized security awareness program that visits all employees directly, he achieved zero infection rate with malicious code in the organization. In 2019, he moved to the audit and investigation part head of information security assurance group at Device Solution(semiconductor sector), and had been trying to make a contribution to raising the security level of the Korean semiconductor industry through various activities. Since January 2022, he has been leading the RED Team as a vulnerability analysis part head.

https://tedlee.be
tedlee@tedlee.be

 

- 대표이미지 출처

Pixabay로부터 입수된 kalhh님의 이미지 입니다.