Chia Shu Huang

Information Security Manager

Taipei, Taipei City, Taiwan

About

Infosec specialist whose qualifications include a degree in information management, PCI DSS QSA, CEHv8, MCITP, CCNA, ISO 27001-LA, BS10012-LA, and ITIL foundation; and detailed knowledge of technologies and best practices for PCI-DSS and AWS. Over 19 years of experience in creating and deploying solutions protecting networks, systems, and information assets for diverse companies and organizations.

Experience

  • Information Security Manager at Ingrasys 鴻佰科技股份有限公司
    May 2022 - Apr 2025 · 3 yrs

    Regional Head of Information Security with end-to-end responsibility for information security across six manufacturing sites in Asia. Proven track record in building security organizations, governance frameworks, and technical controls from the ground up. Led the implementation of SOC, incident response, and vulnerability management programs, achieving a sustained 99% patch compliance rate. Drove ISO/IEC 27001 certification across multiple sites and served as the primary security lead for high-frequency customer audits from global tier-one clients including Google, NVIDIA, Amazon, and Dell. Strong experience in executive-level security governance, secure network architecture, and deployment of enterprise security technologies (e.g., EDR, MDM). Regularly brief senior leadership on security posture, risk, and compliance to support informed decision-making.

  • Senior Assistant Manager at Rakuten International Commercial Bank
    Jun 2020 - Jan 2022 · 1 yr 8 mos

    Information Security professional with hands-on experience in policy development, audit management, and security operations. Led ISO/IEC 27001 and BS 10012 implementations to certification within one year, managed enterprise security platforms (PAM, SIEM, WAF, EDR), and conducted regular security testing and new product security assessments. Strong background in internal control, internal audit, and security awareness programs.

  • Senior Staff Engineer at KKday
    Feb 2019 - May 2020 · 1 yr 4 mos

    • Designed and delivered enterprise-wide information security training and awareness programs to strengthen security culture • Successfully led BS 10012 implementation, establishing a structured personal data protection management framework • Drove PCI DSS implementation and compliance, supporting secure payment data processing and audit readiness.

  • PCI DSS QSA at Secure Vectors Information Technologies Inc.
    Oct 2016 - Sep 2018 · 2 yrs

    • Led 12 PCI DSS implementation and audit projects across APAC (Singapore, Hong Kong, China, Taiwan); responsible for project delivery, gap analysis, security control implementation, audits, and security training.

  • Information Security Manager at MicroMacro Mobile Inc.
    Jan 2015 - Aug 2016 · 1 yr 8 mos

    • Architected and deployed a high-availability, secure AWS-based web platform, ensuring operational resilience and compliance • Established and executed enterprise information security governance and policies • Successfully achieved PCI DSS v3.0 certification on AWS, supporting secure payment processing • Deployed and optimized ELK Stack (SIEM) to improve threat detection and incident response.