Song Lin Chen

Experience

Aug 2025 – Present

Security-Focused DevOps Engineer

Pacston Technologies, Inc. — IT Services & Consulting

Architected secure CI/CD pipelines using Bitbucket Pipelines, Docker, and AWS ECR, enforcing immutable image strategy and reducing manual deployment effort by 80%.
Designed AWS cloud infrastructure (IAM, VPC, ALB, ECS Fargate, App Runner) with least-privilege access control and private subnet segmentation to enhance security posture.
Implemented Infrastructure as Code using Terraform and Ansible, integrating automated provisioning into CI/CD workflows and reducing manual infrastructure setup by 75%.
Built Python-based automation tooling for release governance, semantic version enforcement, and PR-driven CHANGELOG generation, reducing release preparation time by 70%.
Developed serverless monitoring system using AWS Lambda, DynamoDB, CloudWatch, and SES for real-time alerting, reducing incident detection time by 50%.

Feb 2026

Vault Secret Management System (Terraform)

Built secure infrastructure provisioning workflow using Terraform with encrypted Vault secrets, eliminating .env file sharing across 30-person team and 204 services.
Implemented AWS SSM no-key-based authentication, removing 30+ SSH key pairs from server access and reducing unauthorized access surface by 100%.
Reduced configuration drift risk by enforcing infrastructure automation across 204 services, replacing ad-hoc manual provisioning with auditable, version-controlled workflows.

Dec 2025

Serverless Security Monitoring Platform (AWS)

Built serverless real-time monitoring system (AWS Lambda + DynamoDB) covering 200 services, enabling incident detection from zero visibility to fully automated alerting.
Implemented automated anomaly detection with AWS SES and SMS notifications, processing ~60 events/month and triggering targeted alerts to reduce incident response time by 50%.
Developed React dashboard to visualize operational metrics across 200 services, replacing manual log inspection with real-time system health visibility.

Oct 2025

Terraform-Based Infrastructure Platform (AWS)

Designed modular Terraform architecture provisioning 30 production workloads (20 App Runner, 6 Fargate, 4 Lambda) across VPC, IAM, ECS, and networking resources, reducing manual provisioning effort by 75%.
Implemented least-privilege IAM policies and secure private subnet architecture, eliminating manual access configuration across all 30 services.
Integrated Terraform execution into CI/CD workflow, achieving 100% reproducible infrastructure provisioning and eliminating human error risk.

Sep 2025

AISecMap – AI-Powered Security Analysis Platform

Architected an AI-driven security automation platform integrating RAG(Ollama), static analysis (Semgrep, Bandit), and container scanning .
Built backend services in Go with Postgres and Milvus for vector retrieval and structured threat analysis.
Implemented automated vulnerability detection and attack path visualization using React.

2023 – 2025

National Central University

M.S. in Network Learning Technology

Participated in 4 national-level competitions, including AWS Hackathon and Google Solution Challenge.
Delivered production-style cloud and AI solutions in competitive engineering environments.

2018 – 2022

National University of Kaohsiung

B.S. in Computer Science

Awarded 5 technical competition prizes across software and IoT engineering projects.
Recognized for excellence in system design and full-stack implementation.