About
👋 Hey! I’m Baikang Li, a security and full-stack engineer in Melbourne. I’m passionate about security engineering and DevSecOps. Outside of work, I’m dedicated to developing open-source and personal projects.
My motto: Keep simple, keep learning, keep growing.
Sponsor Me
Social Networks#
Connect with me on these platforms:
Work Experiences#
-
Thoughtworks
over 5 years · - Present - - Present
IAM Lead & Security Engineering
·A global retail company- Led a team of 5 in China to architect, design, and develop the company's identity platform from scratch, with a strong focus on SailPoint IdentityIQ and IdentityNow architecture principles, for a large-scale e-commerce platform, reporting directly to China CISO and Global Security Architect.
- Engineered and implemented comprehensive IGA processes using SailPoint IdentityIQ for employee identity lifecycle management, seamlessly integrating OIDC, SAML, OAuth 2.0, and SCIM via Microsoft Entra ID to deliver secure and efficient identity management and automated provisioning.
- Developed and customized SailPoint workflows, connectors, rules, and policies to meet specific business requirements for user provisioning, role management, and access certifications within IdentityIQ.
- Created Standard Operating Procedures (SOPs) for SailPoint IAM integration workflows and spearheaded the successful implementation of a PAM solution, from technology selection (CyberArk) and Proof of Concept (PoC) to streamlined integration execution, ensuring seamless integration with SailPoint managed systems.
- Drove strategic automation of manual IAM tasks by 50% using SailPoint capabilities and scripting, slashing processing time by 93% and significantly improving employee onboarding efficiency by 30%.
- -
Senior Application Security Specialist | APAC
·A prominent multinational IT firm- Conducted in-depth security code reviews for mission-critical web applications, APIs, and firmware, leveraging SAST (Semgrep, CodeQL, Coverity) and SCA (Snyk, Contrast Security, Anchore) toolsets, ensuring secure coding practices for systems integrated with IAM solutions.
- Performed rigorous analysis of security vulnerability reports, effectively identifying and prioritizing remediation efforts based on CVSS 3.0 scoring, ensuring focused mitigation of critical risks in systems potentially managed by SailPoint or other IAM platforms.
- Established and meticulously maintained comprehensive code review tracking within Jira and Confluence, facilitating efficient vulnerability lifecycle management and seamless team collaboration, important for maintaining secure IAM implementations.
- Proactively communicated identified security vulnerabilities and delivered actionable, tailored remediation recommendations to development teams, cultivating a collaborative and security-centric development environment crucial for successful IAM deployments.
- Orchestrated security champion programs, successfully onboarding and mentoring 16+ champions, and developed customized security maturity models for a diverse portfolio of development teams, nurturing a proactive security culture across the organization, relevant to promoting secure IAM practices.
- Expertly led threat modeling sessions for 8+ clients and over 35+ projects, employing STRIDE methodology and Attack Tree analysis to proactively identify and mitigate potential security risks early in the software development lifecycle, including potential IAM related vulnerabilities.
- Proactively managed incident response for security incidents and established centralized vulnerability assessment dashboards, achieving a 15% reduction in vulnerability response time through streamlined visualization and accelerated notification processes, enhancing incident response capabilities also for IAM related security events.
- -
Full-stack Developer
- Developed and maintained interactive data visualization widgets on Sisense dashboards utilized by 100+ project managers to effectively monitor critical project KPIs.
- Implemented rigorous data validation and quality control measures, decreasing data discrepancies by 15% and ensuring superior data accuracy to support informed, data-driven decision-making.
- Designed, implemented, and optimized ETL processes leveraging Airflow to seamlessly integrate project data into Google BigQuery, ensuring data consistency and high availability for real-time reporting and analytics.
- Collaborated closely with diverse stakeholders to effectively translate complex business needs into actionable and insightful dashboard requirements, ensuring dashboards precisely met user needs and delivered valuable operational insights.
-
Jianxun
over 1 year · - - -
Full-Stack Developer
- Developed high-performance, high-volume data crawlers in Python, leveraging asyncio, Redis, and MongoDB to efficiently process over 1 million resumes daily.
- Created sophisticated resume parsers utilizing Python, Tika, and custom scoring algorithms, achieving 90% accuracy in key information extraction from diverse resume formats.
- Implemented user-friendly resume labeling systems using Python Flask and Vue.js for efficient and scalable resume categorization and management within the system.
- Built relationship mining systems using Elasticsearch and custom algorithms to significantly enhance candidate matching and overall recruitment efficiency for the platform. (While Python role, highlights back-end and data processing skills which are transferable)
-
SinoSoft
7 months · - - -
Backend Engineer
- Developed Java backend CURD logic on top of the Spring framework to support core application functionalities, demonstrating foundational Java skills relevant to SailPoint development.
- Built an OCR plugin to automatically identify and extract the ID number from national ID card images, improving data entry efficiency, showing problem-solving using Java.
Skills#
About Blog#
Website history:
- 2025-04-04Website refectered using Astro and Astro Theme Resume
The smooth operation and personalized customization of website also rely on the resources and technical support provided by the following excellent projects/service providers:
- Domain: Cloudflare ↗
- Framework & Theme: Astro ↗ + Astro Theme Pure ↗
- Site hosting: Cloudflare ↗
- CI/CD: Self-Hosted Gitea ↗