Ivan Than

Than Htet (Ivan)

Cybersecurity Professional  |  Healthcare IT Specialist
📍 Singapore
📱 +65 8755 3980
ivan@ivanthan.uk
linkedin.com/in/ivan3890
ivanthan.uk
Certifications
  • CVSS v4.0 — Vulnerability Scoring FIRST.org · Apr 2026
  • Professional Certificate in Cybersecurity MAGES Institute of Excellence · Sep 2025 – Apr 2026
  • Certified Ethical Hacker (CEH) In Progress · 2025
  • Heap Masterclass — Exploit Dev Corelan × Redfacers · Jan 2026
  • MCP — SQL Database 2005 Microsoft
  • MTA: Windows Server Admin NICF · Microsoft
Security Toolkit
nmap / gobuster / ffuf Advanced
Nessus (Vuln Scanning) Advanced
Metasploit Framework Intermediate
Burp Suite Intermediate
Hydra / hashcat Advanced
WinDbg Intermediate
Kali Linux / WSL Advanced
VMware / Proxmox / Hyper-V Advanced
VS Code / SSH Remote Advanced
Bash / Shell Scripting Advanced
Python (scripting) Intermediate
SQL / Oracle SQL (CLI) Advanced
Parrot Security OS Intermediate
Domain Expertise
  • DICOM Protocol Security
  • RIS / PACS Administration
  • Windows Server 2008/2012/2019
  • Hyper-V Virtualisation
  • Medical Device Security
  • PHI Protection / HIPAA
  • HL7 Integration
  • VAPT Report Writing
  • CVSS 3.1 & 4.0 Scoring
Education
  • Higher Diploma in IT Major in Web Development
  • Bachelor of Arts Major in English
Language
EnglishFluent
BurmeseNative
Availability
Immediate
Profile
11+ years securing imaging infrastructure at SingHealth, MINDEF, and Parkway Hospitals — now making a deliberate move into offensive security. Completed the Professional Certificate in Cybersecurity at MAGES Institute (Apr 2026), currently preparing for CEH, and backing both up with hands-on TryHackMe work: full VAPT reports with CVSS 3.1 & 4.0 scoring, chained privilege escalation paths, and a Windows kernel rootkit written in C. Looking for a junior penetration tester or security analyst role where a decade of system-level healthcare IT experience actually counts.
Work History
Parkway Hospitals Singapore
Sep 2023 – Sep 2025
Imaging IT Specialist
  • First point of contact for 200+ radiologists and radiographers when RIS/PACS or clinical AI systems had issues — logged accurate incident tickets with Philips, tracked resolution progress, and kept clinical teams updated to minimise disruption to patient workflows
  • Worked with Parkway's Infrastructure, Cybersecurity, and IT teams on patch cycles, IT asset management, and security compliance for the Radiology department; handled access provisioning and user authentication setup during rollout of 4 AI diagnostic platforms (Sensecare, Annalise, Teamplay, Radimatrics)
  • Wrote SOPs and quick-reference guides for the most common imaging system faults — gave clinical staff a self-service resolution path before escalating to vendor, which cut down repeat incident tickets
Philips Enterprise Diagnostic Informatics (EDI) — APAC
Aug 2019 – Apr 2022
IT Specialist (RIS/PACS) — ASEAN
  • Day-to-day administration of RIS/PACS systems at SingHealth and MINDEF — Windows Server 2008/2012 on bare-metal and Hyper-V; handled L1/L2 incident management, scheduled maintenance windows, and preventive health checks across ASEAN client sites
  • Applied OS patches and worked through remediation items from Nessus vulnerability assessments across defence-grade imaging environments; maintained DICOM/HL7 interface compliance and PHI data protection standards
  • Ran root cause analysis on complex system failures and documented findings for the engineering team; part of the 24/7 on-call rotation for critical incident response
Carestream Health Singapore
Nov 2018 – Jul 2019
IT Executive (RIS/PACS) — ASEAN
  • Installed and configured RIS/PACS on Windows Server 2008/2012 across hospital sites in the ASEAN region; handled L1/L2 incident tickets, UAT sign-off, change management coordination, and after-hours on-call coverage
Biz-Partner Group Co., Ltd — Myanmar
Feb 2015 – Sep 2018
Project Manager & Senior Service Engineer
  • Installed and commissioned medical imaging systems (DR, CR, X-Ray, Ultrasound) at hospitals across Myanmar — handled end-to-end DICOM/HL7 integration with existing PACS and EMR environments
  • Led projects as both PM and lead engineer — scoped deliverables, coordinated subcontractors, and drove client sign-off from kick-off through commissioning
Key Projects
MerLinn — Locally-Hosted Personal AI Assistant (ongoing)
Apr 2026 – Present
  • Built chat-first AI assistant from scratch (Python 3.13, FastAPI, HTMX + Alpine + Tailwind, Typer CLI, installable PWA on iOS/Android) — local Ollama by default, opt-in Claude API fallback per call
  • Mirrors Claude Code substrate (skills, sub-agents, tools, hooks, MCP, memory, permissions); includes autonomous coding agent + self-improvement engine with confidence scoring & audit log
  • 10 build phases shipped; 260+ tests, ~85% coverage, mypy strict, CI green; private repo, invite-only
TryHackMe CTF Engagements — 4 Rooms
Feb–Apr 2026
  • HackPark: Exploited CVE-2019-6714 (BlogEngine.NET RCE) via Metasploit; escalated to SYSTEM via insecure scheduled task (WinPEAS)
  • Mr. Robot: WordPress brute force → theme editor PHP reverse shell → MD5 crack → SUID nmap privesc to root
  • Masquerade: Static malware analysis DFIR — PowerShell ScriptBlock (EVTX 4104) extraction, RC4 + AES-CBC C2 decryption, full operator-command transcript recovered from pcap
  • Kernel Blackout (Hard): Developed a Windows kernel-mode rootkit driver in C (VS 2022 BuildTools + WDK) that hides a process from user-mode enumeration via DKOM on EPROCESS.ActiveProcessLinks; driver manual-mapped via kdmapper
  • Produced full VAPT reports with CVSS 3.1 and MITRE ATT&CK mapping for all 4 engagements — 13 total findings
CyberGuard — Cybersecurity Awareness Platform
Feb–Mar 2026
  • Designed and built a full-stack security awareness game with 58+ missions across 4 age groups (kids to seniors)
  • Implemented XP progression, badge system, difficulty tiers, hobby-matched scenarios, and real-time leaderboard via Supabase
  • Deployed on Cloudflare Pages with custom domain — live at cyberguard.ivanthan.uk
Home Cybersecurity Lab & Automation Server
Sep 2025 – Present
  • Built Proxmox hypervisor on Dell OptiPlex with Kali Linux VM for penetration testing and malware analysis
  • Deployed self-hosted n8n automation server via Docker with Cloudflare Tunnel for secure remote access
Referees
Mr. Aung Kean Boon Jonathan
Asst Manager, Parkway Radiology
jonathan.aung@parkwayradiology.com.sg
Mr. Arshad Jamal
Service Manager, Philips EDI
arshad.jamal@philips.com
Mr. Sithu Aung
CEO, Biz-Partner Group Co., Ltd
ceo@bpgmyanmar.com
Mr. Michael Chua
Offensive Security & AI Researcher | Founder, REDFACE Research
mike@redfacers.com