Final-year Computer Science student at Mahidol University International College, focused on cybersecurity — security advisory and assurance, backed by hands-on application penetration testing and incident analysis, and the tooling that supports it.
- BSc Computer Science (on track for First Class Honors), with a minor in Business Administration.
- I work at the point where technical security findings meet business risk, controls, and clear recommendations.
- Comfortable across both offensive testing and the governance side — ISO/IEC 27001, OWASP, and NIST CSF.
- I also build secure software end to end — most recently AuditYote, a deployed full-stack GRC platform (below).
- AuditYote · live — a full-stack GRC web application that turns the findings-to-controls workflow into software: log security findings, map them to ISO/IEC 27001:2022, OWASP Top 10:2025, and NIST CSF 2.0, move each through a role-gated review and sign-off workflow, score risk and program-wide posture, and export CSV/PDF compliance reports. Spring Boot + React + PostgreSQL, containerized, CI-scanned with Semgrep and Trivy, and deployed over HTTPS.
- Security Portfolio — penetration-test reports, a malware/incident analysis, and a control-and-risk mapping to ISO 27001:2022, OWASP Top 10:2025, and NIST CSF 2.0. The hands-on analysis that AuditYote turns into a workflow.
- Security:
Web App Pentesting·Malware Analysis·Risk & Control Mapping·Burp Suite·Nmap·Wireshark·Kali Linux - Secure development:
Java / Spring Boot·React / TypeScript·PostgreSQL·Spring Security·Docker·CI/CD (GitHub Actions)·Semgrep / Trivy·Python
- TryHackMe: tryhackme.com/p/AvonS10
- Email: pasin.visuttipinate@gmail.com