Archie Lin
Director Information Security
Taipei
Summary
23+ years experience in IT fields including the followings:
- 13+years Information Security Managerial position focusing on Financial industry
- 5+years Service Delivery Manager in outsourcing industry responsible for regional IT projects in Financial industry across India, Pakistan, Australia, Indonesia and HongKong.
- 2+ years Software QA testing experience in Financial industry
- 2+ years application programing experience in Financial industry 3+ years in Banking business operation.
- Information Security Professional Certifications:CCISO,CISSP,CRISC,CGEIT,CISM,CISA,CDPSE,EDRP,CEH, CHFI,ECIH,CTIA,ISO27001 Other Professional Certifications: PMP and ITIL Education
- Background: Information Systems Management, Banking and Insurance, International Trades.
- Specialize in Information Security management, Business Continuity Management, Audit/Compliance Management, Project Management, Change management, ISO27001, ITIL process, QA testing and Service Delivery Management.
- Project Management: BCP project in EDS Taiwan. Mainframe ZMF Changmen Upgrade. NIDS/HIDS. PCI DSS&ISO 270001 compliance/assessment. PIPA (Personal Information Data Protection Act) . Credit card system re-platform project. PCI DSS infrastructure system building up. Insurance regulation compliance. Cloud solution proposition(Outsystems/AWS).
- To lead the PCIDSS project and obtain the first PCIDSS compliance certification in Taiwan insurance industry.
- Security Tools : IDS/IPS/SDCS/Varonis/Cyberark/RSA access Management Tool /Tripwire/Imperva/Qradar/Encase/BeyoundTrust/ HP Fortify/Social Engineer Tool/ Symantec DLP/SecureMessage/PCI DSS scan/P-Marker/Guardium/Veracode/Nessus/CheckMarx
- Security Compliance: PCI DSS compliance certification.
- Security Compliance assessment. Various audit engagements. PM for third part audit. Manage FSC audit without audit findings.
- Publications: 3 articles published in CAA(Computer Audit Association) periodicals related with PCI DSS. Dynamic and ambitious individual with the capacity to quickly learn and accept new responsibilities.
Overview
23
23
years of professional experience
14
14
Certifications
3
3
Languages
Work History
Director Information Security
Chubb Life
12.2022 - 12.2023
- Complete the merge of two companies from information security perspective
- No business interruption after the successful system migration
- Enhanced team collaboration through regular communication, goal setting, and performance evaluations.
- Developed high-performing teams by providing mentorship, guidance, and opportunities for professional growth.
Director Information Security
Cigna
05.2014 - 11.2022
- Report to CDO/CIO/COO/CEO/CRO/Board of Directors/Regional CISO/Corporate Governance on a regular basis
- The 1st insurance company to be certified with PCIDSS by QSA in Taiwan (Oct 2019)
- Assess and report on threats, vulnerabilities and residual risks; recommend remedial action
- Vendor relationship management - establishing and ensuring compliance with service levels and obligations
- Serves as an internal information security consultant to the organization
- Documents security policies and procedure
- Offers strategic direction to related governance functions (such as BCP, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies
- Provides direct training and oversight to all employees, contractors, or other third parties, ensuring proper information security clearance in accordance with organizational information security policies and procedures
- Perform information security risk assessments and serves as an internal auditor for security issues
- Work with Global teams to Implements information security policies, procedures and tools
- Monitors compliance with information security policies and procedures, referring problems to the appropriate department manager
- Advise/Present the Board Members/Organization with current information security technologies and related regulatory issues
- Contract/SLA Mgt of Regional Information Systems Centers located in HK
- Support BCP/IT DR/Cyber Security Incident Plan
- Propose Cloud solutions, such as AWS and OutSystems
- Manage compliance (FSC/PCIDSS/PIMS/ISO27001/Outsourcing audit/CorporateAudit/Compliance assessment/ERM:KRI)
- PM of Cyber Security Incident Response Plan
- Member of Corporate Mgt Committee (Internal Control of Corporate Governance and Operation Risk Internal Committee and IT Steering Committee)
Account Delivery Executive
HP
09.2011 - 04.2014
- Regional IT project manager responsible for the countries including India, Pakistan, Australia and Indonesia. The key clients are all from financial institutions. Aggressively involved in the account growth and pre-sale activities and support business to win more than TCV US$15M deals which includes RBS RO bank/ Faysal Bank/JiSun bank/RBS IN bank.
- ADE for RBS, RBL, FBL, HSBC, ANZ and GP Financial accounts
- Day-to-day Client Relationship Management For Delivery Activities
- Achieving SLA / Metrics
- Problem Resolution, Escalation And Performance Trending
- Productivity Improvement Plans
- Supporting growth opportunities
- Project Management Support
- Day-To-Day Delivery Of Contracted Solution in the following areas: Data Center Management, Network and Communication, Open System, Mainframe Systems, Compliance and Security Administration and Change Management.
- Client IT service delivery and performance management and some specific IT design and build project covering the full spectrum of infrastructure technology work.
- Lead, mentor and manage the project delivery unit team, to achieve performance excellence
- P&L controls of responsible accounts.
- Manage several credit card systems re-platform projects
- Key member of PIPA (Personal Data Protection Act) committee in HP ES responsible for PIPA related tasks, such as supporting HP legal to execute the PIPA assessment in HP ES and monitoring/setting up the additional PIPA control mechanism in HP ES.
- Infrastructure setup lead of Asia (Regional) Credit Card Utilities (PCI DSS compliance credit card solution). This project is intend to build up the credit service hosting environment with PCI DSS compliance certification in Taiwan.
- Project Manager of local Bank's Data center re-location.
Service Delivery Manager
HP
02.2009 - 08.2011
- Regional IT project manager responsible for the regions including India, Pakistan, Australia, Indonesia, Singapore and HongKong.
- SDM is responsible for the day-to-day provision of long-term outsourcing services to several clients. Infrastructure Outsourcing is the ongoing management and/or improvement of activities related to a part or to the whole of a technical infrastructure (eg Mid-range, Wintel and Mainframe Hosting service, security systems, telecommunications networks and Data Center), allowing companies to focus on their core business and competencies. The Service Delivery Manager (SDM) is accountable for day to day infrastructure outsourcing service delivery and technology management across all teams and locations where services are provided.
- Service Delivery Manager for RBS (Royal Bank of Scotland), Bank of Kaohsiung and YuanTa Bank.
- Day-to-day Client Relationship Management For Delivery Activities
- Achieving SLA / Metrics
- Problem Resolution, Escalation And Performance Trending
- Productivity Improvement Plans
- Supporting growth opportunities
- Project Management Support
- Day-To-Day Delivery Of Contracted Solution in the following areas: Data Center Management, Network and Communication, Open System, Mainframe Systems, Compliance and Security Administration and Change Management.
- Client IT service delivery and performance management and some specific IT design and build project covering the full spectrum of infrastructure technology work.
- Lead, mentor and manage the project delivery unit team, to achieve performance excellence.
Head of CSA team (Contingency, Security & Audit)
Electronic Data Systems
08.2004 - 01.2009
- Lead of CSA team (Contingency, Security & Audit) is in charge of 4 staffs in EDS Taiwan to provide Information Security Management services and solution to Financial Industry.
- The 1st company in Taiwan to obtain PCIDSS certification in March 2007.
- Report to Regional Security officer.
- Contingency (Business Continuity Management): Project Manager of BCP project in EDS Taiwan. Manage annual BCP Drill in ITO. Supporting BCP project in other regions of EDS.
- Security (Information Security Management for outsourcing financial institutions): Security Administration management: Mainframe & Open systems security administration. Manage the implementation of Security tools (NIDS/HIDS/Tripwire). Provide security solution and consultancy in various projects. Manage the implementation of Tripwire. Support pursuits in security related areas. Coordinator of EDS Global vulnerability scan and penetration test.
- Audit: Manage audits for more than 10 clients in Financial institutions and the follow up of audit findings. Manage PCI DSS audit and help to obtain PCI DSS certifications in EDS Taiwan. Support PCI DSS compliance in other regions of EDS.
- Coordinator/Reviewer of CMT (Compliance management tool) in EDS Taiwan, Key responsibility is to Review and assess IT security control items in both Mainframe systems and Open Systems to make sure it follows EDS security policies.
Assistant manager, CTBC Bank
CTBC Bank
11.1999 - 07.2004
- Information Systems Department: Application Development II IPT Team: Plan and supervise the process of release cuts, Responsible for the training of testing tools, Implementation of new testing tools. (Win Runner/Load Runner)
- Application Architecture Team: Maintain and develop QA Testing environments, Maintain parameters of NBS Systems, Tuning the performance of automating testing processes, Supervise the execution of the testing cases by testing tools.
- QA team: Assisted to plan the establishment of QA division, Develop the automation of the testing process by testing tools, Develop QA testing environments for NBS systems, Plan QA procedures for NBS (New Banking systems).
- Banking Channel team: Handled and maintained all the batch jobs for CBS system (more than 200 JCL and 250 programs), Re-engineered the batch job flow for NBS project, Maintaining CSR and Credit-Check system. Solving the problems of settlements from users.
- Project Manager for ZMF changeman upgrade (Mainframe Application Change Control Tools).
Banking Officer
Shin Kong Commercial Bank Co., Ltd
01.1997 - 07.1998
- It was merged by Shih Kong Bank.
- Loan department: Handled loan applications, Proceeded home mortgages loan and Small & Medium size Enterprise loan, Examined credit cards' applications.
- Foreign department: Exchanged foreign currency, Remittance: outward and inward, Foreign checks collection.
- Deposit department: Cash Checks, Customer account deposits and withdrawals, Opened new accounts, Processed check orders.
Banking Officer
The Shanghai Commercial & Savings Bank
10.1994 - 07.1996
- Deposit department: Check cashing, Clear checks, Cash advances on credit cards, Responsible for customer account deposits and withdrawals, Maintained balances on the Automatic Teller Machines, Opened new accounts and processed check orders.
Second Lieutenant
07.1992 - 05.1994
- In charge of the Scout Team at 64 Brigade in Kaohsiung of Taiwan.
Education
Master degree - MSc in Management and Strategic Information Systems
University of Bath
BA - International Trade
Shih Chien University
Diploma - Banking Insurance
Shih Chien College
Skills
ITIL
Certification
Certified Information Systems Security Professional (CISSP)
Publications
- 從資安事件探討支付卡行業資料安全標準(PCI DSS)之落實
- 支付卡行業資料安全標準(PCI DSS)介紹
Personal Information
Total Experience: 22+ years experience in IT fields including the followings: 13+ years Information Security Managerial position focusing on Financial industry, 5+ years Service Delivery Manager in outsourcing industry responsible for regional IT projects in Financial industry across India, Pakistan, Australia, Indonesia and HongKong, 2+ years Software QA testing experience in Financial industry, 2+ years application programming experience in Financial industry.
Timeline
Director Information Security
Chubb Life
12.2022 - 12.2023
Director Information Security
Cigna
05.2014 - 11.2022
Account Delivery Executive
HP
09.2011 - 04.2014
Service Delivery Manager
HP
02.2009 - 08.2011
Head of CSA team (Contingency, Security & Audit)
Electronic Data Systems
08.2004 - 01.2009
Assistant manager, CTBC Bank
CTBC Bank
11.1999 - 07.2004
Banking Officer
Shin Kong Commercial Bank Co., Ltd
01.1997 - 07.1998
Banking Officer
The Shanghai Commercial & Savings Bank
10.1994 - 07.1996
Second Lieutenant
07.1992 - 05.1994
BA - International Trade
Shih Chien University
Diploma - Banking Insurance
Shih Chien College
Master degree - MSc in Management and Strategic Information Systems
University of Bath
Similar Profiles
Shin Ae ParkShin Ae Park
Senior Underwriter at Chubb LifeSenior Underwriter at Chubb Life
THUY DO NGOCTHUY DO NGOC
Director, Head of Finance at CHUBB LIFE VIETNAM INSURANCE COMPANYDirector, Head of Finance at CHUBB LIFE VIETNAM INSURANCE COMPANY
BINH THI NGUYENBINH THI NGUYEN
RECEIVABLE TEAM LEADER/PROJECT MEMEMBER at Chubb Life Insurance Vietnam Company LtdRECEIVABLE TEAM LEADER/PROJECT MEMEMBER at Chubb Life Insurance Vietnam Company Ltd
Ming-Hsuan KuoMing-Hsuan Kuo
AI Engineering Manager at HD Renewable EnergyAI Engineering Manager at HD Renewable Energy
May Ting Yu WuMay Ting Yu Wu
Household / Estate Director at Confidential UHNW EmployerHousehold / Estate Director at Confidential UHNW Employer