#### AI Business P&L and R&D ####- Develop AI Language Model risk and vulnerability testing methodology from scratch. Building the MVP in 1 month, and win the POC in 3 months. (https://www.digfingroup.com/taishin-onedegree/)o Achievement: Establishing new revenue streams in the field of artificial intelligence. Winning one of the top 3 IC design customers worldwide; winning one of the top 5 banking customers in Taiwan; leading sales to achieve 10+ BANT-qualified pipelines in one quarter.- Act as an AI Security spokesman at external events, promoting how Vulcan security solutions can help our clients solve their LLM risks and build verification operations.o Taiwan CyberSec: LLM Adversarial Attacks (2024) [https://tinyurl.com/yen3e9dz]o Panel Speaker of 金融科技國際座談：AI金融未來式 (2024) [https://tinyurl.com/2devmvsr]o Panel Speaker of AI's Impact on Risk Management (InsureInnovator Connect ASIA, 2024) o Panel Speaker of GenAI in Insurance (Digital Insurance, 2024)o Panel Speaker of Prevention of Data Loss and Fraud Online (Vietnam Information Security Day, 2024) [https://securityday.vn/en/agenda/]

#### Microsoft Security Sales and Revenue Management ####- Lead Microsoft Security solution sales to expand cybersecurity business in Taiwan. Work with team members on their quota retirement plan. Host Rhythm-of-Business meetings to align sellers' strategy and execution results.o Achievement: M365 security billed 23% YoY & Azure security consumption 70% YoY.- Act as a Microsoft Security spokesman at external events, promoting how Microsoft security solutions can help our clients solve their security problems from strategy to architecture. [https://tinyurl.com/3spfc9n4] [https://tinyurl.com/4kvw5mpa] [https://tinyurl.com/23k7kff5] [https://tinyurl.com/2p9ndww4]o Achievement: Introduce cybersecurity consultative sales to Microsoft Taiwan, which open the dialogue with CISO from the aspect of information security strategy.

#### IT and Cybersecurity Strategy / Governance / Management ####- OneDegree Group's infra & cybersecurity strategy and roadmap with the group's expansion from 20 to 250 after series B [https://tinyurl.com/4y8edcwc]o Achievement: Passed HKIA GL20 cybersecurity audit and obtained HK virtual insurance license in April 2020. [https://tinyurl.com/589t4p4j]- Manage Infrastructure and Cybersecurity team (SRE, DevOps, Cloud & Security architecture, IT support, risk & control), designing IT lifecycle governance models, risk assessment frameworks, and infra/security architecture & operations.- DevSecOps: CI/CD and Infra-as-Code; static, dynamic, 3rd party library, container and software vulnerability test; pen test. o Achievement: Built seamless, secure, reliable system iteration for scrum teams. - Zero-Trust: Design Zero Trust Architecture for cloud, IAM, networking, shadow IT, endpoint, and data security.Achievement: Integrate SASE, CASB, EDR, DLP and SEG signals to build Zero Trust system, enhancing security operations productivity by 10X.- Cloud Architecture: Horizontal & Vertical Scaling, High Availability, Network Segregation, Reliability & Security Monitoring (WAF, SIEM, ELK, Grafana, K8S).o Achievement: Eliminate SPOF; improve system performance; increase visibility and resilience.- Manage Cyber Red Team (Cymetrics) to provide internal and external pen-test services.o Achievement: ASUSTek Hall of Fame [https://tinyurl.com/42xax88t] (2021 Oct.); - Virtual Asset (Crypto) Insurance and Cyber Insurance product. Support the underwriting team in developing cyber underwriting and risk assessment methodology for crypto custodians' MPC wallet solutions. [https://tinyurl.com/yckefk3p]o Achievement: 2022 ISC2 Global Achievement Award; Passed MunicRe due diligence.- Obtained ISO 27001 and ISO 27017 certificates.o Achievement: Complete the readiness and pass the audit within 4 weeks without external consultants’ support.) [https://tinyurl.com/mryaj5yp]

#### Cybersecurity Business P&L and R&D ####- Build External Attack Surface Management (EASM) SaaS solution from scratch. Cymetrics [https://cymetrics.io/]o Achievement: Microsoft's Gold-Certified Partner; New Revenue Stream. [https://ctee.com.tw/industrynews/technology/533758.html]

#### Cybersecurity Management ####- Served as the decision-maker for information security on Citibank Taiwan’s Institution Clients Group (ICG) and Global Consumer Group (GCB) projects covering 4,000 employees across 50 branches. -Liaise with internal and external stakeholders to influence policy-makers for balanced productivity-security controls.- Oversee information security program including KPI management and exception. Key areas of focus included:. Third-party information security assessment, . Authentication and access management,. Privileged Account management. Endpoint data protection,. Vulnerabilities Assessment, . Hardening etc.- Conduct cyber-attack exercises providing executive teams with constructive containment options. o Achievement: Taiwan to be recognized as the best among eight APAC countries in reacting to cyber catastrophe.- Manage the security incident lifecycle, including triaging incidents, driving immediate containment action, coordinating evidence retention, and liaising with key stakeholders for regulator, media, employee, and customer communication.o Achievement: Mean Time to Respond (MTTR) within the timeline.- Lead personal data protection initiatives, focusing on privacy asset management, risk and control assessments, and implementing adequate controls.o Achievement: no privacy audit findings.- Successfully managed the 2015 and 2017 Financial Examination Bureau (FEB) IT and SWIFT audits.o Achievement: no information security audit findings.

#### IT Risk and Control Management ####- DevOps Change Management: With the introduce of DevOps tools e.g. JIRA, TeamCity, etc., refining the change flow and analyzing the impact to current change process. - Risk and Control: Identifying technology risk, establish the mitigation controls, and performing the self-assessment to ensure the control effective.- Audit Support: Coordinating the internal/external audit and managing Financial Examination Bureau (FEB) audit including special audit to SWIFT system.- Cross Border Data Review: Assessing the offshore hosted applications to ensure the data storage and data access are compliant with Taiwan regulation.- Personal Data Protection: Reviewing privacy by design to assess privacy risk and controls of the new system.

#### Consulting Revenue Management and Delivery #### - Lead team to expand control assurance service, personal information management system (PIMS), and information security management system (ISMS) in Taichung branch. No.1 revenue growth of the group in 2012 and 2013 (60% YoY).- Develop Segregation-of-Duty (SoD) risk assessment system for SAP ECC and Oracle ERP. The system architecture is based on service-oriented architecture (SOA) and Model-View-Controller (MVC) to analyze the complicated SoD issue. Reduce project team 5 man-days per project.- Manage USI Group (SHEX:601231) SOX-404 Attestation Project including budget, scope, schedule and resource allocation. Leading team to complete the project as planned and directly report the result to CIO and audit committee.

#### New Consulting Business R&D, Revenue Management, and Delivery #### - IFRS IT consultant service R&D and P&L 30 MM revenue. Clients: China Development Financial Holdings (TAIEX: 2883), Taiwan Cooperative Financial Holdings (TAIEX: 5880), ASE Group (NYSE: ASX, TAIEX: 2311), Shihlin Electric Group (TAIEX: 1503), Pouchen Group (TAIEX: 9904), and Yulon Group (TAIEX: 2201).

#### Consulting Service Delivery #### - Technology Control Assurance:.Financial Institution clients: Fubon Financial Holdings (TAIEX: 2881), Taiwan Cooperative Financial Holdings (TAIEX: 5880), SinoPac Financial Holdings (TAIEX: 2890), Taishin Financial Holdings (TAIEX: 2887), Shanghai Commercial Bank (TAIEX:5876), Taichung Commercial Bank (TAIEX:2812), Tokio Marine Newa Insurance, Hontai insurance, etc..Logistics clients: HCT Logistics (TAIEX: 2619), Kerry TJ Logistics (TAIEX: 2608), etc..Manufacturing clients: Aerospace Industrial Development (TAIEX: 2634), Giant (TAIEX: 9921), Liteon (TAIEX: 2301), Hannstar (TAIEX: 6116), Wintek (TAIEX: 2384), HIWIN (TAIEX:2049), etc.Retail clients: Gourmet Master (TAIEX: 2723), Shin Kong Mitsukoshi Department Store, etc.- SOX-404 attestation project. Clients: ASE Group (NYSE: ASX, TAIEX: 2311) and Silicon Motion Technology (NDAQ: SIMO).- Control assurance for foreign country’s IPO in Taiwan (a.k.a TDR). On-site US to review and provide advice to TDR clients. Clients: iML (TAIEX: 3638) and CoAdna (TAIEX: 4984).- Data Quality Assurance Project. Clients: MXIC (TAIEX: 2337), Powerchip (TAIEX: 5346), and Far Eastone Telecommunications (TAIEX: 4904).- Develop a resource allocation system that can automatically collect and analyze the consultant's performance. Reducing managers 8 hours per week on resource planning.