About Me

I'm Hismon Tam, a QA engineer with over 8 years of professional experience in software quality assurance, user acceptance testing, and software development. I specialize in crafting robust testing strategies and integrating QA processes seamlessly into DevOps workflows to ensure digital products are not only functional but secure.

With a strong technical foundation in tools and languages such as Cypress, JavaScript, Java, Python, Postman, Jenkins, Docker, MySQL, Azure, and AWS, I build effective testing frameworks that drive customer satisfaction and business success. My international experience across the US, Hong Kong, and the UK in FinTech, B2C SaaS, IoT, and POS sectors has shaped a well-rounded and adaptable QA mindset.

In parallel with my QA career, I’m actively expanding my skill set into the field of Cybersecurity/Secuity Testing Skills. I’m currently learning and practicing skills in:

🔐 Security Fundamentals: Risk management, secure architecture, incident response

🌐 Network Security: Firewalls, VPNs, packet analysis, secure protocols

☁️ Cloud Security: Microsoft Azure (AZ-500 labs completed), AWS security tools

🧪 Practical Hands-on Labs: TryHackMe, Virtual Hacking Labs
This journey is helping me combine my strengths in QA and development with a growing knowledge of cybersecurity, allowing me to contribute to secure, high-performing software in modern IT World environments.

💼 Professional Experience

Software QA Tester | Nourish Care

Oct 2024 – Present | Bristol, UK

Designed Cypress test scripts – reduced regression testing time by 30%
Created JIRA dashboard – improved dev-QA communication, 10% faster defect resolution
Cross-platform testing for responsive design across browsers/devices

Software QA Engineer | YouLend

Oct 2021 – Aug 2024 | London, UK

Led automation initiatives with Cypress, Azure DevOps – reduced QA time by 50%
Built dashboards and CRM tools – improved stakeholder communication and project pipeline
Reduced bug tickets and lead time by 30%

Software QA Engineer | BBPOS

Nov 2019 – Aug 2021 | Hong Kong SAR

Managed 7-SQA team to create test plans for mobile POS – improved time to market by 20%
Built automation tools with Java, Jenkins, PowerShell, TestNG – cut QA effort by 30%
Supported key clients: Shopify, VIX, 7-Eleven

Web App Programmer | Computime Group

Jul 2019 – Oct 2019 | Hong Kong

Built front-end apps for IoT devices with JS, HTML5, CSS
Integrated APIs and collaborated across backend/frontend teams

Android Dev Intern | Dapper Grooming

Jun 2018 – Jan 2019 | Seattle, USA (Remote)

Built Android app using Java, AWS Mobile, MongoDB
Collaborated with cross-platform teams and used AWS documentation for API integration

🤝 Volunteer Experience

Cloud Security Engineer | Securtia

Mar 2024 – Jun 2024 | London, UK

Configured Azure AD authentication and RBAC
Enabled encryption at rest and secured VM access
Deployed secure network peering and tested app access

WordPress Developer | CCCTW

Sep 2020 – Dec 2020 | Hong Kong

Built responsive WordPress website using JS, HTML, CSS, SQL
Implemented security plugins and optimized availability
Increased team efficiency and launched website on time
Visit Site

🎓 Education

B.A. Applied Computer Science

University of Washington | 2016 – 2018

A.A. Computer Science

Shoreline Community College | 2013 – 2016

📜 Certifications & Training

✅ Completed: ISTQB Certified Tester, Google CyberSecurity
📚 In Progress: CompTIA Security+
🔭 Planning: AZ-500, BLT1, PNPT, OSCP

🧠 Personality-Based Strengths

Analytical: Great at spotting vulnerabilities
Systematic: Detail-driven and structured
Adaptable: Thrives in fast-changing environments
Collaborative: Strong team player with good communication

Actively developing skills in:

Assertive communication
Proactive risk mitigation
Incident leadership under pressure

🛠️ Lab Projects

AZ-500 Lab Projects

These labs cover a wide range of Azure security topics, including:

🔐 Key Vaults, Access Control, Locks
☁️ Azure Defender, SQL Auditing, VM Hardening
🔎 Security Monitoring with Azure Monitor and Sentinel
🔄 Identity and Role Management (RBAC, PIM)
⚙️ Networking Security Groups (NSG), Peering, App Security
📦 Secure Application Deployment and Logging
🧠 Advanced Scenarios using ARM Templates and Multi-Scope Permissions

View AZ-500 Lab on GitHub

🛡️ Security+ Lab Projects

As part of my CompTIA Security+ certification preparation, I've completed hands-on labs focusing on real-world cybersecurity scenarios. These labs enhance my understanding of various attack techniques, social engineering tactics, and foundational security concepts.

Completed Labs:

Lab 1: Identifying Different Cyber Attacks
Analyzed common cyber attacks such as phishing, DoS, MiTM, and password attacks. Documented each attack’s characteristics, real-world examples, and prevention methods.
Lab 2: Social Engineering Techniques and Exploits
Explored social engineering tactics including pretexting, baiting, phishing, and tailgating. Simulated exploit scenarios and analyzed case studies to understand human factors in cybersecurity.

View Security+ Labs on GitHub

🗒️ InfoSec Lab Notes

I document and reflect on my cybersecurity learning journey, including hands-on labs, capture-the-flag (CTF) walkthroughs, tool usage, and exam prep notes. These are part of my ongoing self-study and practical skills development.

Explore Lab Notes

Himson Tam