Weerawat Pawanawiwat

Winner Thailand Cyber Top Talent & Cyber SEA Game | 500+ Security Assessments Delivered

Professional Summary

Leading offensive security operations and strategic cybersecurity consulting across Southeast Asia with 500+ assessments delivered for 100+ organizations including banks, financial institutions, government agencies, and blockchain platforms. Providing both technical depth in penetration testing and red teaming, and strategic advisory on cybersecurity governance, risk management, and security program development. Beyond client work, actively contributing to the cybersecurity community through conference speaking, CTF challenge creation, and mentoring the next generation of security professionals.

Experiences

• Reconix

  • Chief Solutions Officer & Co-Founder, Lead Cybersecurity Consultant (Jan 2022 – Present)
  • Leading a team of 25+ security professionals delivering offensive security services across Southeast Asia
  • Delivered 500+ security assessments for 90+ organizations including banks, financial institutions, healthcare providers, insurers, government agencies, and blockchain platforms
  • Core services: Penetration testing (web, mobile, networks, LLM apps, ATMs), red teaming and adversary simulation, smart contract and Web3 security audits
  • Strategic consulting: Cybersecurity governance advisory, risk assessment and management, security program development, compliance strategy, and security architecture review

• Inspex

  • Chief Operating Officer & Co-Founder (Jan 2021 – Jul 2024)

• Secure D Center

  • Senior Cybersecurity Consultant & Penetration Tester (Jan 2021 – May 2021)
  • Cybersecurity Consultant & Penetration Tester (May 2019 – Dec 2020)

Education & Training

• Mahidol University – Faculty of Information and Communication Technology (2015 – 2019)
  • First-class honors, GPA 3.99
• eddu XMBA#10 – Executive MBA Education Program
• ARI Corporate Coaching (ACC) Program 2

Achievements

• Winner of ARI Corporate Coaching (ACC) Program 2 (Nov 2024)
• Second Runner-up in The 2nd ASEAN Cyber Shield (ACS) Hacking Contest (Nov 2024)
• Finalist in ETH Escape - Speed Hacking Challenge (Nov 2024)
• 6th Place in ASEAN Cyber Shield Hacking Contest (Preliminary) (Nov 2023)
• 17th Place in Paradigm CTF 2023 (Aug 2023)
• Second Runner-up (Onsite) in HITB SECCONF CTF 2023 (Aug 2023)
• 16th Place in Paradigm CTF 2022 (Aug 2022)
• Winner of Cyber SEA Game 2021 (Nov 2021)
• Winner of Thailand Cyber Top Talent 2021 (Oct 2021)
• Finalist in SOSECURE Hacking Contest 2019 CTF Competition (Mar 2019)
• Second Runner-up of Financial Cybersecurity Boot Camp 2018 CTF Competition (Oct 2018)

Contributions

• Speaker – “Mobile Application Penetration Testing” for MUICT Cybersecurity Club, Faculty of Information and Communication Technology, Mahidol University (Nov 2025)
• Speaker – “Offensive Cybersecurity Career Paths” in ITDS101 Industry Problems and Experiences 1 Course, Faculty of Information and Communication Technology, Mahidol University (Mar 2024, Mar 2025, Mar 2026)
• Challenges Creator of STDiO CTF 2022 (Nov 2022), 2023 (Dec 2023), 2024 (Nov 2024), and 2025 (Nov 2025).
• Speaker – “Introduction to Android Application Hacking” for MUICT Cybersecurity Club, Faculty of Information and Communication Technology, Mahidol University (Nov 2024)
• Speaker – “Blockchain and Smart Contract Security” in ITDS101 Industry Problems and Experiences 1 Course, Faculty of Information and Communication Technology, Mahidol University (Mar 2023)
• Speaker – “Utilizing Ethereum’s Design to Abuse Your Friends(?) Through MEV” in Red x Blue Pill 2022 (Nov 2022)
• Speaker – “Reentrancy in the Multichain of Madness” in Blockchain Security Level Up 0x01 (Jun 2022)
• Speaker – “Smart Contract Security” for Faculty of Information and Communication Technology, Mahidol University (Jun 2022)
• Speaker – “Security Concerns in Using Blockchains and Smart Contracts” in NCSA Cybersecurity Knowledge Sharing #17 (Mar 2022)
• Speaker – “Smart Contract Security” for Faculty of Engineering, Mahidol University (Mar 2022)
• Speaker – “Breaching Active Directory — From Guest to Domain Admin” in MiSSConf(SP6) (Jun 2020)
• Challenge Creator of TCSD Cybersecurity Competition 2019 (Nov 2019)
• Challenge Creator of Thai Capture the Packet Contest 2019 (Oct 2019)

Certifications

Core Certifications

• ISC2 Certified Information Systems Security Professional (CISSP) – 771506
• ISC2 Certified in Cybersecurity (CC) – 771506
• Offensive Security Certified Professional (OSCP) – OS-101-17938
• Certified Red Team Professional (CRTP) – 28653665

CompTIA Certifications – COMP001021601694

• CompTIA SecurityX ce
• CompTIA PenTest+ ce
• CompTIA CySA+ ce
• CompTIA Security+ ce

CompTIA Stackable Certifications

• CompTIA Secure Infrastructure Expert (CSIE)
• CompTIA Security Analytics Expert (CSAE)
• CompTIA Security Analytics Professional (CSAP)
• CompTIA Network Security Professional (CNSP)
• CompTIA Network Vulnerability Assessment Professional (CNVP)

Languages

• English – Native / Bilingual
• Thai – Native / Bilingual
• Japanese – Elementary