Zeyu (Zayne) Zhang
Email:
[email protected] | W
ebsite:
analogue.computer
| Link
edIn:
www.link
edin.com/in/zhang-zeyu
Education
University of Cambridge Oct. 2023 – 2026 (Expected)
B. A. (Hons) in Computer Science Cambridge, England
•
Grade: 1st Class. Highest mark for Object-Oriented Programming. Top 5 in: Databases, Discrete Mathematics, Machine
Learning & Real-world Data, Software & Security Engineering.
•
Cybersecurity Society: Secretary (2024/25) – Represented the University in various international competitions.
∗ 1st place at pwnEd5 finals, hosted by the University of Edinburgh.
∗ 2nd place at the global finals of LakeCTF 2024, hosted by the Swiss Federal Institute of Technology Lausanne.
∗ 3rd place at European finals of CSAW CTF 2023, hosted by New York University.
•
Hughes Hall May Ball Committee – Developed www.hughesmayball.co.uk and managed domain. React · TailwindCSS
•
Hughes Hall IT & Infrastructure Officer (2024). Singapore Society Database Officer (2024/25)
Experience
Open Government Products Jun. 2024 – Present
Software Engineer Intern Singapore
•
Built & shipped a Next.js app used by HR and team leads to visualize and preview changes to access control policies on the
organization’s GitOps access control solution, reducing human error. This replaces previously ClickOps-heavy workflows.
•
Used Pulumi infrastructure as code to build a Better Stack integration that reduces time-to-triage for vulnerability reports
from several hours to < 1 minute.
•
Initiated and led a project to build open-source secure-by-default components used by developers in production systems and
our starter kit template, making application security easy and invisible. Remediated a Next.js 0-day in the process.
•
Configured CI/CD pipelines including automated NPM package publishing, changelog generation, documentation generation
from TSDoc comments (published to a documentation website), testing and deployment.
•
Initiated and configured advanced static code analysis pipelines across the organization. Wrote and published custom
CodeQL query packs and libraries for data flow analysis on common technologies used, including Next.js, React, and tRPC.
Jane Street, Macquarie Mar. 2024 – Apr. 2024
First-Year Trading & Technology Programme, Technology Spring Insight Programme London, United Kingdom
Cure53 May 2023 – Present
Freelance Security Engineer Berlin, Germany (Remote)
•
Performed 20+ code audits and VAPTs for global clients, including Fortune 20 companies.
•
Targets included web applications, browser extensions, Electron-based desktop applications, and mobile applications.
TikTok Apr. 2023 – Sep. 2023
Security Engineer Intern Singapore
•
Discovered 50+ security vulnerabilities affecting critical internal and external facing services, such as TikTok.
•
Developed Java extension on Burp Suite’s new Montoya API for testing protobuf over both WebSockets and HTTP(s), a
feature not supported by any open-source extension at the time of development.
•
Wrote and deployed to K8s a deliberately vulnerable app in React and Express used as part of an internal competition.
•
Researched at scale: Protobuf over WebSockets, XSS filter bypasses, and rich text editor vulnerabilities.
•
Weaponised a 0-day in an online word processor to harvest employee credentials in a red team operation.
Hackathons & Projects
EurekaPad | Next.js · TailwindCSS · Convex · Clerk · Radix UI · Vercel · Azure Cognitive Services
•
Notion + Jupyter Notebooks for STEM students. Runnable code blocks, intuitive math editor, interactive graphs, etc.
•
Built core features from scratch as a solo developer. Now leading a team of 4 engineers to launch and scale the product.
•
Next iteration of EduAble (below). Supported by Microsoft for Startups.
Echo | Next.js · TailwindCSS · Vercel · Reddit, Twitter API + OAuth
•
Most Promising AI x Web3 Build, 1st Prize @ Encode Club London AI Hackathon 2024
•
Social media aggregator that provides personalised feed for users to regain control of their social media algorithms.
EduAble | Next.js · TailwindCSS · PostgreSQL · Vercel · OpenAI API
•
2nd Place @ Cambridge Generative AI Hackathon 2024, Finalist @ Fitzelerate 2024
•
STEM notetaking app with real-time audio transcription to Markdown & LaTeX, and AI-generated summaries & quizzes.
L
A
T
E
X Source: github.com/zeyu2001/cv | Web Version: cv.analogue.computer