chicong115.com
Back to work
work

Software Engineering Manager @ OPSWAT

May 2025 – May 2026
Engineering ManagementCybersecurity.NET CoreAWSKubernetesDocker

Role Overview

OPSWAT is a global leader in Critical Infrastructure Protection (CIP) and cybersecurity. I led the Vietnam-based engineering division for MetaDefender Managed File Transfer (MFT) — a flagship enterprise product for secure, compliant file transfer in regulated environments. Co-managed the global product lifecycle with 26 engineers across 3 time zones.

Organizational Structure

  • Vietnam Division: 11 engineers — 2 Development Squads + 1 QA Squad
  • Global Product Team: 26 engineers across Vietnam, Hungary, and Americas
  • Co-managing with EU/Americas counterpart (Doruk, leading 15 engineers)

Key Responsibilities

  • Talent & Culture: Full ownership of Vietnam engineering — recruitment, 90-day onboarding, career development, retention (<10% attrition)
  • Technical Governance: Architectural decisions, QA standards, CI/CD best practices (trunk-based development, feature flags)
  • Strategic Alignment: Interface with VP of Product — translate roadmaps to sprint milestones, presales engineering for enterprise deals
  • Customer-Centric: Engage enterprise clients directly — map feedback to engineering pipeline (ITAR, CMMC, GDPR compliance)
  • Cross-Timezone: Daily async standups, weekly syncs with Hungary/US, bi-weekly architecture reviews
yaml
# OPSWAT — MetaDefender MFT
team_structure:
  vietnam: 11 (2 Dev Squads + 1 QA Squad)
  global: 26 (Vietnam + Hungary + Americas)

tech_stack:
  backend: [.NET Core, C#]
  infrastructure: [AWS, Kubernetes, Docker]
  ci_cd: [Jenkins, GitHub Actions, ArgoCD]
  monitoring: [Datadog, Grafana, PagerDuty]
  database: [PostgreSQL, Redis]

dora_metrics:
  deployment_frequency: "multiple per day"
  lead_time: "< 2 hours"
  mttr: "< 30 minutes"
  change_failure_rate: "< 5%"

Cybersecurity Engineering Mindset

Working in cybersecurity demands a different engineering mindset. Every line of code is a potential attack surface. Security scanning gates, threat modeling, and compliance requirements (ITAR, CMMC, GDPR) shape how we design, build, and deploy software. The product serves government agencies, defense organizations, financial institutions, and critical infrastructure operators worldwide.

← All entriesHome →