Yang, Tsung-Hsun
Senior Planner
About me:
I have a cheerful personality, and I have a good relationship with family and people.
After graduate school research on machine vision, I had the chance to apply the reach in my former company (TRI Inc.). And assisted the transfer of technology in East China (Shanghai, Suzhou), to the establishment of the Southeast Asia and IBD (International Business Departmant ) customer service team.
After TRI's aoi work. I joined the Taipei City Government team, and joining the smart city project of Mayor Kou (107~108 Transportation Bureau APP on iOS and Android systems), and also took over the government procurement project. Cooperate with the court to enforce the system's consolidation. In the Taipei City Government team. After that, I focus on Information Security of New Taipei City's Social Welfare system, helping New Taipei City Government take care citizen's personal information security.
Now at National Center for Cyber Security Technology(NCCST), my job is keep ISO management system working and NCCST's information security plans. Review each system control item of NCCST. Handle internal and external audits and ISO 27001 and information security law standard projects, and conduct internal testing in the center to promote the information security management system to all agencies in Taiwan in 2023.
National Center for Cyber Security Technology
YZU University (元智大學)Taipei City, Taiwan
Professional Background
Current status
-
Profession
-
Fields
Cyber Security
Work experience
More than 15 years (4-6 years relevant)
Management
I've had experience in managing 1-5 people
Skills
ISO 27001 Lead AuditorISMS ImplementationCybersecurity Risk ManagementPIMSISO20000IT稽核
Languages
English・Intermediate
Chinese・Native or Bilingual
Highest level of education
-
Job search preferences
Desired job type
Full time・Interested in working remotely
Desired positions
-
Desired work locations
-
Freelance
Non-freelancer
Work Experience
Senior Planner
National Center for Cyber Security Technology
January 2022 - January 20231 yr1 mo
Job content: (A-level agency information security full-time staff) 1.About ISO system: 1-1. NCCST's ISO 27001, ISO 20000, BS 10012(ISMS, SMS, PIMS) management system education and training. 1-2. Information asset inventory, risk assessment, management review meeting tracking and control 1-3. Internal and external audit 1-4. Business Continuity Plan (BCP) management, social engineering, information security health diagnosis, vulnerability scanning and penetration testing management examination tracking 2. System protection and control review 2-1. New system classification, online control item review, risk assessment 2-2. Maturity assessment of information security governance in technical service center 2-3. Writing and revising the information security maintenance plan of the whole center 2-4. Signing of operation level agreement (OLA) and service level agreement (SLA) 2-5. Service catalog, service inventory, satisfaction analysis 2-6. Collection and tracking of personal information goals (PIMS-related) 2-7. In 1112, the new ISO system introduction plan of the National Information Security Research Institute and the adjustment of the relevant management system four documents
Cyber Security Analyst
June 2019 - January 20222 yrs8 mos
Social Welfare Department, New Taipei City Government Cyber security experience: 1. Implementation and introduction of ISO 27001 in the first year (for the first time), maintenance inspection and contract request proposal (RFP) planning, procurement and acceptance in the second to third years. 2. Lecturer of the information security education and training course of the Social Bureau. (According to the Technical Service Center of the National Information Security Conference of the Executive Yuan: Information Security Functional Certificate) 3. Bsi third-party verification pre-plan, import operation, verification report. (Passed Bsi verification in October 2020: Social Welfare Management Information System ISMS Procurement Handling, Import, Procurement Acceptance) 4. Information security audit of the Central Health Insurance Administration, security audit of city government cloud certificate packages. (Such as: Police Station, Education Bureau, Finance Bureau, District Offices, etc.). 5. Information security and personal information audit of outsourced information vendors and organizations. 6. Information security contact window of each business department and affiliated level 2 units Personal license, certificate: 1. SGS issued: ISO 27001 LA lead auditor certificate 2. Issued by the National Information Security Technology Service Center of the Executive Yuan: Information Security Functional Certificate (Introduction to Information Security)
Information Engineer
Taipei city government (臺北市政府)
February 2019 - June 20195 mos
Taipei City Goverment (Parking Management and Development Office) 1. C-level agency Information Security Management System (information security) business. 2. Beishi Action APP system management and procurement acceptance. 3. Smart city cross-office system process planning and review proposals. 4. Compulsory enforcement project.
Supervisor
March 2007 - November 20147 yrs9 mos
Engineering Supervisor of South East Regional Business Center April 2014 – May 2017 Malaysia *Team up South East Asia engineer team. The territory includes Malaysia, Singapore, Thailand, Vietnam, Philippine, India and Indonesia. *Responsible for engineering center management, process planning reform, as well as customer service performance goal setting and management. *Educating and technical consulting for East China sales and engineering team. *New software interface education information transfer to application engineer. -Won Q2 outstanding staff. -Won the ASUS Group evaluation on January 2014.
Education
Licenses & Certifications
ISO 27001 LA
SGS
Credential ID: 20NIL96036A05006
Issued May 2020 · No Expiration Date
Build Your Professional Network
Click icon on the company page or under talent search engine to start the conversation.