Job content: (A-level agency information security full-time staff) 1.About ISO system： 1-1. NCCST's ISO 27001, ISO 20000, BS 10012(ISMS, SMS, PIMS) management system education and training. 1-2. Information asset inventory, risk assessment, management review meeting tracking and control 1-3. Internal and external audit 1-4. Business Continuity Plan (BCP) management, social engineering, information security health diagnosis, vulnerability scanning and penetration testing management examination tracking 2. System protection and control review 2-1. New system classification, online control item review, risk assessment 2-2. Maturity assessment of information security governance in technical service center 2-3. Writing and revising the information security maintenance plan of the whole center 2-4. Signing of operation level agreement (OLA) and service level agreement (SLA) 2-5. Service catalog, service inventory, satisfaction analysis 2-6. Collection and tracking of personal information goals (PIMS-related) 2-7. In 1112, the new ISO system introduction plan of the National Information Security Research Institute and the adjustment of the relevant management system four documents

Social Welfare Department, New Taipei City Government Cyber security experience: 1. Implementation and introduction of ISO 27001 in the first year (for the first time), maintenance inspection and contract request proposal (RFP) planning, procurement and acceptance in the second to third years. 2. Lecturer of the information security education and training course of the Social Bureau. (According to the Technical Service Center of the National Information Security Conference of the Executive Yuan: Information Security Functional Certificate) 3. Bsi third-party verification pre-plan, import operation, verification report. (Passed Bsi verification in October 2020: Social Welfare Management Information System ISMS Procurement Handling, Import, Procurement Acceptance) 4. Information security audit of the Central Health Insurance Administration, security audit of city government cloud certificate packages. (Such as: Police Station, Education Bureau, Finance Bureau, District Offices, etc.). 5. Information security and personal information audit of outsourced information vendors and organizations. 6. Information security contact window of each business department and affiliated level 2 units Personal license, certificate: 1. SGS issued: ISO 27001 LA lead auditor certificate 2. Issued by the National Information Security Technology Service Center of the Executive Yuan: Information Security Functional Certificate (Introduction to Information Security)

Taipei City Goverment (Parking Management and Development Office) 1. C-level agency Information Security Management System (information security) business. 2. Beishi Action APP system management and procurement acceptance. 3. Smart city cross-office system process planning and review proposals. 4. Compulsory enforcement project.

Engineering Supervisor of South East Regional Business Center April 2014 – May 2017 Malaysia *Team up South East Asia engineer team. The territory includes Malaysia, Singapore, Thailand, Vietnam, Philippine, India and Indonesia. *Responsible for engineering center management, process planning reform, as well as customer service performance goal setting and management. *Educating and technical consulting for East China sales and engineering team. *New software interface education information transfer to application engineer. -Won Q2 outstanding staff. -Won the ASUS Group evaluation on January 2014.