Yang, Tsung-Hsun

About me:
I have a cheerful personality, and I have a good relationship with family and people.

After graduate school research on machine vision, I joinned the first company (TRI Inc.). In TRI, from engineer promoted to engineering supervisor to assisted the transfer of technology in East China (Shanghai, Suzhou), to the establishment of the Southeast Asia and IBD (International Business Department ) customer service team.

After TRI's aoi work. I joined the Taipei City Government team, and joined the smart city project of Mayor Kou (107~108 Transportation Bureau APP on iOS and Android systems), and also took over the government procurement project. Cooperate with the court to enforce the system's consolidation. In the Taipei City Government team. After that, I focused on Information Security of New Taipei City's Social Welfare system, helping New Taipei City Government take care citizen's personal information security.

Now working at National Center for Cyber Security Technology(NCCST), my job is keeping ISO management system working and NCCST's information security plans. Review each system control item of NCCST. Handle internal and external audits and ISO 27001 and information security law standard projects, and conduct internal testing in the center to promote the information security management system to all agencies in Taiwan in 2023.

  Taipei City, Taiwan  

工作經歷

Senior Planner  •  National Center for Cyber Security Technology

一月 2022 - 一月 2023

Job content: (A-level agency information security full-time staff)
1.About ISO system:
1-1. NCCST's ISO 27001, ISO 20000, BS 10012(ISMS, SMS, PIMS) management system education and training.
1-2. Information asset inventory, risk assessment, management review meeting tracking and control
1-3. Internal and external audit
1-4. Business Continuity Plan (BCP) management, social engineering, information security health diagnosis, vulnerability scanning and penetration testing management examination tracking

2. System protection and control review
2-1. New system classification, online control item review, risk assessment
2-2. Maturity assessment of information security governance in technical service center
2-3. Writing and revising the information security maintenance plan of the whole center
2-4. Signing of operation level agreement (OLA) and service level agreement (SLA)
2-5. Service catalog, service inventory, satisfaction analysis
2-6. Collection and tracking of personal information goals (PIMS-related)
2-7. In 1112, the new ISO system introduction plan of the National Information Security Research Institute and the adjustment of the relevant management system four documents

Cyber Security Analyst  •  New Taipei City government

六月 2019 - 一月 2022

Social Welfare Department, New Taipei City Government
Cyber security experience:
1. Implementation and introduction of ISO 27001 in the first year (for the first time), maintenance inspection and contract request proposal (RFP) planning, procurement and acceptance in the second to third years.
2. Lecturer of the information security education and training course of the Social Bureau.
(According to the Technical Service Center of the National Information Security Conference of the Executive Yuan: Information Security Functional Certificate)
3. Bsi third-party verification pre-plan, import operation, verification report.
(Passed Bsi verification in October 2020: Social Welfare Management Information System ISMS Procurement Handling, Import, Procurement Acceptance)
4. Information security audit of the Central Health Insurance Administration, security audit of city government cloud certificate packages.
(Such as: Police Station, Education Bureau, Finance Bureau, District Offices, etc.).
5. Information security and personal information audit of outsourced information vendors and organizations.
6. Information security contact window of each business department and affiliated level 2 units

Personal license, certificate:
1. SGS issued: ISO 27001 LA lead auditor certificate
2. Issued by the National Information Security Technology Service Center of the Executive Yuan: Information Security Functional Certificate (Introduction to Information Security)

Information Engineer  •  Taipei city government (臺北市政府)

二月 2019 - 六月 2019

Taipei City Goverment (Parking Management and Development Office)
1. C-level agency Information Security Management System (information security) business.
2. Beishi Action APP system management and procurement acceptance.
3. Smart city cross-office system process planning and review proposals.
4. Compulsory enforcement project.

Supervisor  •  Test Research, Inc.

三月 2007 - 十一月 2014

Engineering Supervisor of South East Regional Business Center
April 2014 – May 2017 Malaysia

*Team up South East Asia engineer team. The territory includes Malaysia, Singapore, Thailand, Vietnam, Philippine, India and Indonesia.

*Responsible for engineering center management, process planning reform, as well as customer service performance goal setting and management.

*Educating and technical consulting for East China sales and engineering team.

*New software interface education information transfer to application engineer.

-Won Q2 outstanding staff.
-Won the ASUS Group evaluation on January 2014.

學歷

2003 - 2005

YZU University (元智大學)

Industrial Engineering and Management

1999 - 2003

真理大學 Aletheia University

Information Management

技能

  • ISO 27001 Lead Auditor
  • ISMS Implementation
  • Cybersecurity Risk Management
  • PIMS
  • ISO20000
  • IT稽核

語言

  • English — 中階
  • Chinese — 母語或雙語
Powered By
CakeResume