What I’ve Been Up To in NUS

This is my first ever blog post, so go easy on me!

Before matriculating, I got a head start through NUS’s iBLOC programme, which lets NSFs take selected modules while still in service. I applied for and got selected to read CS1010X, a foundational programming module, which helped me fast-track my university education.

Even before my matriculation in 2023, my goal has always been to graduate in 2.5 years. As of today, April 2025, I am on track with that goal and next semester would be my final semester!

Right after completing my Cyber NSF stint with MINDEF, I officially matriculated into NUS. My time at the Cyber Security Agency (CSA) was truly eye-opening. Thanks to the guidance of my team leads—Fhong Sheng, Sam, and Adam — as well as the other members in Team 3, I discovered my passion for Digital Forensics and Incident Response (DFIR)!

But like all things in life, it eventually came to an end and I had to start preparing for my university life that was coming up.

Orientation at Ridge View Residential College

On the day of my ORD parade, I actually had to cut it short and leave early because I had to rush off to an orientation camp at the residential college I was going to be staying at—Ridge View Residential College (RVRC).

But wait… I’m an introvert, aren’t I? Why would I even go for this camp in the first place?

Well… it started during my interview for RVRC. One of my interviewers, Mr Desmond Ng, told me that some of the strongest friendships and bonds are formed during this camp—and I didn’t want to miss out on that.

So I took a chance and I’m honestly so glad I did. I made some really amazing friends over that 3-day camp!

FOP_OG Ride_Or_Die

Beyond my RC friends, I’ve also met some really talented and inspiring people in my faculty. We’ve stuck together since Year 1 Semester 1, all the way till now—my final semester. I genuinely couldn’t have made it through without them.

Shoutout to Danial who stuck with me from the very start of CSCC until now!!

Barely Surviving Window Of Opportunity

Academics

So… how was I doing in school?

Honestly? Not great.

I didn’t really enjoy the theoretical side of things, and I felt that some of the modules, especially the security ones, was outdated.

That’s when I made a decision I probably should have made back when I was still in CSA: start taking certifications.

Diving Into Certifications

Ever since my time in CSA, I was always more fascinated by the blue team side of security. But I came across a quote that really stuck with me—something along the lines of: “If you want to get good at defense, you need to understand offense.”

So, I took the plunge and bought the OSCP with my own money. It’s often touted as the pinnacle “beginner” penetration testing certification, so I figured it was a good place to start.

I’ll write a separate post about my OSCP experience, but long story short:

I failed the first time. ;(

But I tried harder—and passed on my second attempt in March 2024.

Even if I hadn’t passed, I’d still recommend it to anyone who can afford it. You may not pass it on the first try, but I guarantee you’ll come out of it way better than when you started. At least that was the case for me!

From OSCP to OSWE

The thrill of passing OSCP was exhilarating—and I didn’t want to stop there. I enrolled in the OffSec Learn Onesubscription and started working on OSWE next.

The WEB-300 course was a completely different beast. At that point, school work was piling up and I didn’t have the time to dedicate to the course, so I had to pause it temporarily.

That’s when I realised — I didn’t actually have a blue team cert yet. So I pivoted and took the GCFA certification by SANS/GIAC in June 2024.

Thankfully, I was able to rely a lot on my past experience in CSA, which helped make the certification manageable.

(There’ll be a separate blog post on my GCFA journey!)

Summer Internship at HTX & OSWE Grind

It was summer break by then, and I was lucky enough to secure an internship at HTX as a Cyber AI Analytics Intern as a Year 1.

I continued studying for OSWE after working hours — and I managed to pass it in July 2024 (thankfully 😅)…

(There’ll be a separate blog post on my OSWE journey!)

Getting Into Reverse Engineering

One thing I didn’t get to explore during my time at CSA was malware reverse engineering. But I was super intrigued by it and wanted to dive deeper.

With Mandiant’s Flare-On coming up, I decided to study for — and eventually passed — the GREM certification by SANS/GIAC and use some of what I learned here in the challenge.

(Yes, another post on my GREM journey coming soon!)

While studying for GREM, I also started applying for internships for 2025—and I got accepted into GIC! (YAY!!)

Slowing Down and Recharging

By the time Winter break came, I knew I was getting close to burning out. I’m grateful I had such a strong support system to keep me going!

I went overseas with some of my friends and we travelled to Bangkok and Phuket!

I also knew I had to start focusing on school again when the next semester started. My grades were taking a hit, and something had to give.

GuysTrip

Whats next?

It’s now 2025.

I wanted to get back on the grind, and I’ve enrolled in OffSec’s OSED now. I’m hoping I can leverage some of the knowledge I picked up from studying for GREM and from my course content to help me get through it.

It’s still a work in progress, but I feel like I’m getting a little closer every day!

Right now, I’m really excited about my internship at GIC and I’m looking to make a lasting impact there!

On a more bittersweet note, this semester will be my last one in RVRC. It’s been such a great experience living together my friends. Beyond that, it’s hard to believe the next semester will be my final one, but I’m definitely looking forward to my graduation trip in December 2025! :D