# Kai Yuan Thng

> Staff Engineer, Security @ Meta

Location: Los Altos, California, United States
Profile: https://flows.cv/kaiyuanthng

## Work Experience
### Staff Engineer @ Meta
Jan 2018 – Present | Menlo Park
I'm at the heart of Meta's security & privacy infrastructure, focusing on building frameworks and implementing foundational changes across our family of apps to deliver scaled security benefits. Here are some highlights:

* Drove Instagram's migration to 100% HTTPS, a critical move to secure user data.
* Authored Instagram's cookie management framework, strengthening privacy controls.
* Enhanced Django's CSRF prevention framework, a key aspect of web security.
* Collaborated on Trusted Types for Python in FB, an innovative approach to security.
* Built infrastructure for securing TLS keys and led code signing security initiatives.
* Developed authentication infrastructure for Reality Labs, enabling the rollout of Meta accounts that operate at the company level.

I've had the opportunity to work with technologies like Python, Hack/PHP, & C++, crafting solutions that uphold our commitment to security and privacy.

### Security Engineer Intern @ Facebook
Jan 2017 – Jan 2017 | Menlo Park, California
* Developed automation to detect subdomains vulnerable to hostile takeover, allowing us to remediate them proactively.
* Co-managed the company's Whitehat Bug Bounty program, leveraging crowdsourced ethical hackers to identify and remediate bugs.
* Conducted security reviews to ensure our products are polished, high-quality, and shipped with minimal security vulnerabilities, reflecting our commitment to excellence.

### Teaching Assistant @ National University of Singapore
Jan 2015 – Jan 2017 | Singapore
Tutored CS1010FC (Programming Methodology; Python), CS2020 (Accelerated Data Structures & Algorithms; Java), CS2107 (Introduction to Information Security), and NUS Orbital (Workshop on Web Security).

### Intern @ MWR InfoSecurity
Jan 2016 – Jan 2017
Developed a JavaScript source code analyzer that outperformed existing open-source alternatives. Using taint analysis and pattern matching, it detects vulnerabilities and security misconfigurations in NodeJS applications.

### Associate Research Engineer Intern @ FireEye, Inc.
Jan 2016 – Jan 2016
Enhanced the detection capability of FireEye's MVX™ engine through insights gleaned from in-depth malware analysis and research on malicious URL classification. Main technologies include IDA Pro, Wireshark, Python and WinDbg.

### Project Lead @ Computing for Voluntary Welfare Organisations
Jan 2015 – Jan 2015
Led a team of 6 software engineers in the development and enhancement of case management systems for 2 voluntary welfare organizations: Care Corner Counseling Centre & Lions Befrienders Service Association Singapore. Main technologies include Ruby on Rails, Drupal 7, Ubuntu and MySQL.


## Education
### Bachelor’s Degree (Hons) in Computer Science
National University of Singapore


## Contact & Social
- LinkedIn: https://linkedin.com/in/thngkaiyuan
- Portfolio: http://opensource-thoughts.blogspot.com
- GitHub: http://github.com/thngkaiyuan

---
Source: https://flows.cv/kaiyuanthng
JSON Resume: https://flows.cv/kaiyuanthng/resume.json
Last updated: 2026-04-12