Tommy Tseng

Job Description:
As the Security Architect at ViewSonic, my primary mission is to bolster the organization's cybersecurity framework and ensure our technology infrastructure aligns with top-tier security standards and regulations. My role is central to fostering a secure, innovative environment for our products and services. My responsibilities encompass:

1.)Customer Communication on Security:
Serve as the main contact for client security queries.
Offer comprehensive insights on compliance with US (EO 14100, EO 14028), European (GDPR, CRA, PSTI), and other crucial security standards.

2.)DevSecOps for AWS:
Lead the incorporation of security within development life cycle, particularly for AWS cloud services.
Collaborate with diverse teams to infuse early-stage security best practices in development and deployment.

3.)Infrastructure as Code (IaC):
Implement IaC to ensure process consistency and secure, immutable cloud infrastructure.
Utilize IaC methodologies to enhance our infrastructure management and provisioning.

4.)SOC 2 Compliance:
Initiate and guide the organization towards achieving SOC 2 compliance, focusing on key trust principles.
Engage with various stakeholders to maintain and verify compliance standards.

5.)Architecture and Design Reviews:
Perform in-depth security reviews of project architectures and designs.
Offer authoritative advice to ensure compliance with highest security norms.

Job Description:
In my role as Technical Manager in Financial Service Cybersecurity, I am entrusted with a comprehensive array of responsibilities to ensure the robustness of our clients' cybersecurity defenses.

My key duties include:
1.)Cybersecurity Consultancy: Acting as the primary cybersecurity consultant, I provide expert advice and strategic direction to enhance our clients' security postures.

2.)Operational Leadership: As operational lead, I oversee day-to-day activities related to cybersecurity, ensuring all processes align with industry best practices.

3.)Implementation Oversight: I am responsible for supervising deployment of various cybersecurity products(EDR), ensuring they are integrated seamlessly into clients' environments.

4.)Continuous Monitoring: I monitor performance and effectiveness of cybersecurity solutions, including EDR (Endpoint Detection and Response) and NDR (Network Detection and Response), to identify and address potential vulnerabilities.

5.)In-depth Analysis: Conducting thorough analyses of cybersecurity incidents and trends to continually refine defense strategies.

6.)Integration of Security Solutions: role is pivotal in weaving various cybersecurity solutions into clients' incident response and reporting frameworks, ensuring a cohesive and responsive security infrastructure.

-Project Descriptions:
1.)Telecommunications Billing System and BRM - Billing Audit System:
- billing aduit systemand

-Duration: September 2019 to May 2020
-Role: Full Stack Development
-Tools: JAVA, JavaScript, JSP, Spring API, Oracle Database
-Environment: JBoss

2.)e-Invoice Center:
-Successfully passed Ministry of Finance's testing and pressure testing, obtaining approval for self-testing from the Ministry of Economic Affairs.

-Duration: June 2020 to June 2021
-Role: Full Stack Development, QA, and Maintenance
-Tools: Laravel, PHP, MySQL, JavaScript, HTML, jQuery, Vue
-Environment: Ubuntu, Nginx

3.) Web service for ML-based clothing size recommendation:
- users input body measurements to recommend clothing sizes using trained machine learning models.
-Duration: June 2021 to December 2021
-Role: Full Stack Development, QA, and AI Developer
-Tools: Laravel, PHP, JavaScript, HTML, jQuery, Python, MySQL, Anaconda, - Machine Learning (Random Forest, PCA, SVC, XGBoost, MLP)
Environment: Ubuntu, Nginx

Job Description:
Project Overview: Developed the Breeze Payment System (BreezePay), system functionalities, and maintenance. Worked on a financial reconciliation system (consumption and credit card reconciliation).

Role: Full Stack Engineer, QA, and Maintenance, specializing in Cloud Solutions

Project Environment: Cloud platforms used included AWS and Azure.
1.) Feature Development: Developed an annual celebration service system (point and lottery system), and managed invoice integration along with backend administration settings for a consumption and credit card reconciliation system.

2.) E-payment System Completion: Enabled payment via a mobile app from POS, connecting to the backend server, and further integrating with the invoice and banking systems to complete transactions. Notifications of completed transactions were sent to the mobile app via API. Responsible for developing server connections for invoicing, banking, and mobile app development, including parts of the mobile app.

3.) Maintenance: Handled routine maintenance tasks related to member points and monetary issues.

Job Description:
I led the development of an IoT Android/Windows platform for device monitoring, managing IoT connections, user activities, and OTA (Over-The-Air) software upgrade supervision. This platform supports cloud and on-premises environments (AWS, GCP, Azure, VMware) and can handle up to 1000 simultaneous device connections.

Key Responsibilities:
1.)Server Environment Setup:
Established server environments on AWS, GCP, Azure, and on-premises VMware ESXi 6.0.

2.)Automation and Deployment:
Implemented automated build and deployment processes using Jenkins, integrating Git and VMware.

3.)Service Provisioning:
Developed features including OTA functions, IoT device management records, and email notifications for updates and activity reports.

Role Summary:
Engage in the development and enhancement of the SafeSync cloud storage service, focusing on Android client development, server-side service enhancements, and direct customer support for installation and maintenance.

Android Client Development:
-Develop and enhance the Android client for SafeSync, focusing on user experience and functionality.
-Implement features for file upload, resume upload, and background upload/download.
-Design and develop a custom page for trash management and action logs.

Server-Side Development:
-Develop web interfaces and functionalities for SafeSync's synchronization with Active Directory or LDAP.
-Create and maintain management web pages with a focus on permission control.
-Develop administrative backend features, including log management and health check functionalities.

Service Engineering:
-Provide support for client installations, setup, networking, usage, and maintenance.
-Address and resolve customer issues, ensuring smooth operation and satisfaction.
-Act as a primary technical contact for clients, aiding in troubleshooting and problem resolution.