• Designed and implemented a comprehensive information security management system to protectcore data and prevent major security incidents.• Established and optimized the security audit process, identifying and fixing high-risk vulnerabilitiesto enhance system security.• Led the team in responding to large-scale cyberattacks, reducing potential losses and ensuringbusiness continuity.• Developed and implemented an information security training program to improve securityawareness and reduce risks from human error.• Collaborated with global business units to ensure data compliance and privacy protection ininternational projects.• Conducted regular security risk assessments and updated security policies to adapt to evolvingthreats.• Implemented advanced monitoring systems for real-time detection and response to securityincidents.• Achieved ISO 27001 certification for the information security management system. • Built an efficient information security team to support global business expansion. • Coordinated and completed cross-departmental information security projects.• Responsible for global security operations.

1. Ant Group Terminal Security Management Responsible for terminal security management of Ant Group's global network, including security incidents of Ant group’s terminals such as Mac, Windows, iOS, Linux, Android, IOT, management of security cases and attack defense. Manage JAMF, Airwatch terminal management systems, carry out MDM management of terminal incidents, push security policies and provide security management services for users. Established security incidents track systems for terminal security devices such as terminal threat collection Raspberry Pi, honeypot, and routing black hole. Manage the security policies of Symantec, Mcafee and other servers, host firewalls, vulnerability patches, domain control policy , etc.2. Ant Group Network Security Management The group's global network traffic control and traffic classification management, and the deployment , maintenance of network security firewall policies for all employees. Network IDS & IPS policy planning and alarm operation, VPN policy management , network sandbox management, NAC and employee network behavior management, etc.3. Ant Group SIEM system management Establish the security SIEM system based on Splunk, Stealth Watch, Fire Eye, collect security logs and security alarms of the global network, establish the attack tracking mechanism, and maintain the security level and baseline of the network. 4. Ant Group application security management Application security attack detection and blocking such as Anti-DDoS, WAF, full traffic detection, honeypot, HIDSVulnerability management, supply chain security management, vulnerability assessment, patch upgrade, hot fix, reduction of third-party/open source components, security assessment and selection, backdoor assessment and reduction.5. Ant Group data security management DLP data leakage prevention system deployment and management, establishment of data security management mechanism

• Manage all the mobile devices ,PC and server security events• Implement the Clustering services of windows and Linux• Establish the VPN tunnel for each branch offices• Build the Software Blades farm for the cloud services.• Threat prevention and risk handle• Qualys scanner support .System vulnerabilities Scan and resolve• Unix server management and server security enhancement• Linux and Unix Website Security analysis, Database security enhancement • Datacentres security policies and standards development.• Data protect level audit. Develop company security policy and compliance.• Website Security analysis, Database security enhancement • Datacentres security policies and standards development.• Project security management and resource management. • Security Budget planning and Cost controlling. • BU collaborations and team support. • Develop and optimize the local company security policy and compliance. • Risk analysis ,risk control and risk handling • Incidents management and process optimization. • Security check and support base on each project. • IT infrastructure security designing and enhancement. • Security report and local information security assessment. • ITIL process implementation and training • Firewall, IPS, VPN, Voip planning, deployment, and security management. Trouble shooting the VPN and Firewall issue and provide the report.• Wireless AP and enterprise WIFI Security (WPA, WPA2, AES, IAS/RADIUS) audit.• Microsoft 2012 AD and SQL server management• Microsoft Exchange server management • Microsoft ISA/TMG server management

• Routers, switches, firewall, IPS, VPN, Voip planning, deployment, and security management. Trouble shooting the VPN and Firewall issue and provide the report.• Information security audit and baseline analysis• Project management. • Datacentres security policies and standards development.• Data protect level audit.• Website Security service and Database security check• VLAN, VTP, STP EIGRP, OSPF BGP Qos, Multicast,AAA configuration and management, IPS custom signatures and prevention strategies customized and implemented.• VPN (IPSec, L2TP, DMVPN, MPLS) deployment configuration and VPN performance monitoring.• Microsoft AD, LDAP and Tacacs+ integrated planning, implementation, management and optimization.• Multi-vendor security devices VPN solution. Router & ASA & VPN & IPS monitoring. IOS upgrades and configuration backups. Throughput performance monitoring, written performance report.• Project management and more than 8 people team management resource allocation, project plan review, program testing and employee training.• Cisco IP phones and Call Manager deployment and basic function of settings.• WAN disaster recovery solution, VRRP,AAFO, design and implementation.• IP Addressing.• Wireless AP and enterprise WIFI Security (WPA, WPA2, AES, IAS/RADIUS) setup and support.• Provide the network performance and security analysis report. • Provide customers firewall and VPN skills training..

• Cisco routers and switches firewall network planning, delivery, support and troubleshooting.• Cisco ASA,Pix, IPS, antivirus-wall integration project planning and implementation.• Provide information security solutions for enterprise,(from layer2 to layer7)• Wireless AP access support and VoIP management and troubleshooting.• Enterprise IT Project Manager – 5 people team management, Responsible and accountable for the coordinated management of IT projects directed toward strategic business and other organizational objectives.• Design and deliver technology roadmap for enterprise.• Manage corporate IT product selection, purchasing, inventory and implementation• Storage Area Network (SAN / NAS / NFS ) Architect, management and support• Troubleshooting and analysis network performance.• Provides anti-virus solutions.