Loke Hui Yi (GovTech)
Loke Hui Yi
Senior Cybersecurity Specialist
Bug Hunter on the Prowl
“Finding bugs is challenging and fun,” says GovTech’s Senior Cybersecurity Specialist Loke Hui Yi. “I love the burst of excitement when I manage to spot some vulnerable code and develop it into a working exploit!”
This passion for solving IT vulnerabilities was fostered almost by happenstance.
At a crossroads in her career back in 2018, the erstwhile software engineer recalled how her husband, who is in the cybersecurity field, encouraged her to make the leap to join him in the same industry. On a personal level, this would allow them to have more common topics for conversation and it would also shape her to become a better software engineer, as she could see what’s on the other side of the development process and learn about various security flaws.
Convinced, she decided to apply for interesting cybersecurity-related jobs she could find on LinkedIn including one from GovTech that she was successful interviewing for. In 2019, she joined the Cybersecurity Group’s Product Security Assessment team.
Today, Hui Yi’s job scope includes testing various products for security flaws before these are deployed to use within the public sector. She also leads the vulnerability research initiative, which has helped discover a number of common vulnerabilities and exposure (CVEs) this year in several commonly used software and hardware products.
She also develops training programmes to help her team members acquire additional skills in vulnerability research.
From Cyber Sleuth to Aunt Agony
Besides helping to equip her team with technical skills, Hui Yi serves as “aunt agony” when they have questions at work or more generally about life.
“I see leadership as not just being a boss to someone but as a technical mentor and a sounding board for life’s questions,” she explains.
Beyond the day-to-day tasks, Hui Yi finds her work and its impact to improving the security of Singapore’s cyber ecosystem meaningful. For instance, she was once testing some commercial software that was to be deployed across the whole of Government and managed to find a way to almost completely circumvent its protection.
“It’s fixed now, but just imagine if some bad guys had found the same vulnerability instead of us!”