Zhemou Li
About Zhemou Li
Zhemou Li is a Product Security Engineer and Vulnerability Management Engineer at Trellix, where he has worked since 2021. He specializes in critical incident management, technical risk assessment, and automation of security operations.
Work at Trellix
Zhemou Li has been employed at Trellix as a Product Security Engineer and Vulnerability Management Engineer since 2021. In this role, he participates in the Critical Incident Management and Response process, focusing on assessing and addressing critical incidents, particularly concerning hot CVEs that affect both customers and Trellix's infrastructure. His responsibilities include creating Technical Risk Assessment Reports and providing recommendations for the remediation of identified vulnerabilities. Additionally, he organizes knowledge-sharing sessions to enhance the collective understanding of security practices among team members.
Education and Expertise
Zhemou Li holds a Bachelor's degree in Computer Science from Xidian University, where he studied from 2010 to 2014. He furthered his education by obtaining a Master's degree in Computer Science from The University of Texas at San Antonio, completing his studies from 2015 to 2017. His educational background provides a solid foundation for his expertise in security engineering and vulnerability management.
Previous Work Experience
Before joining Trellix, Zhemou Li worked at McAfee as a Product Security Engineer and Vulnerability Management Engineer from 2019 to 2021. Prior to that, he was employed at ZillionInfo as a Software Engineer for six months in 2017. His experience in these roles contributed to his skills in vulnerability management and security operations.
Technical Skills and Contributions
Zhemou Li has developed and maintained Jenkins pipeline automation processes to streamline daily vulnerability management operations. He also deploys automation pipeline infrastructure using Ansible in AWS, enhancing the efficiency of security operations. Additionally, he participates in the PSIRT project, where he reviews external reports for web applications and endpoint products, verifies exploit steps, analyzes risk impacts, and collaborates with product teams to remediate vulnerabilities.
Security Practices and Initiatives
In his current role, Zhemou Li conducts security architecture reviews for product teams to ensure that robust security measures are implemented. He actively contributes to the organization of knowledge-sharing sessions aimed at improving the security practices of both new team members and the broader team.