Taipei, Taipei City, Taiwan
Infosec specialist whose qualifications include a degree in information management, PCI DSS QSA, CEHv8, MCITP, CCNA, ISO 27001-LA, BS10012-LA, and ITIL foundation; and detailed knowledge of technologies and best practices for PCI-DSS and AWS. Over 19 years of experience in creating and deploying solutions protecting networks, systems, and information assets for diverse companies and organizations.
Regional Head of Information Security with end-to-end responsibility for information security across six manufacturing sites in Asia. Proven track record in building security organizations, governance frameworks, and technical controls from the ground up. Led the implementation of SOC, incident response, and vulnerability management programs, achieving a sustained 99% patch compliance rate. Drove ISO/IEC 27001 certification across multiple sites and served as the primary security lead for high-frequency customer audits from global tier-one clients including Google, NVIDIA, Amazon, and Dell. Strong experience in executive-level security governance, secure network architecture, and deployment of enterprise security technologies (e.g., EDR, MDM). Regularly brief senior leadership on security posture, risk, and compliance to support informed decision-making.
Information Security professional with hands-on experience in policy development, audit management, and security operations. Led ISO/IEC 27001 and BS 10012 implementations to certification within one year, managed enterprise security platforms (PAM, SIEM, WAF, EDR), and conducted regular security testing and new product security assessments. Strong background in internal control, internal audit, and security awareness programs.
• Designed and delivered enterprise-wide information security training and awareness programs to strengthen security culture • Successfully led BS 10012 implementation, establishing a structured personal data protection management framework • Drove PCI DSS implementation and compliance, supporting secure payment data processing and audit readiness.
• Led 12 PCI DSS implementation and audit projects across APAC (Singapore, Hong Kong, China, Taiwan); responsible for project delivery, gap analysis, security control implementation, audits, and security training.
• Architected and deployed a high-availability, secure AWS-based web platform, ensuring operational resilience and compliance • Established and executed enterprise information security governance and policies • Successfully achieved PCI DSS v3.0 certification on AWS, supporting secure payment processing • Deployed and optimized ELK Stack (SIEM) to improve threat detection and incident response.