About Kuro

A Slashie ,Consultant ,and Medium Blogger. Kuro is principally engaged in the consulting experience of the Cybersecurity, network infrastructure security, web security ,incident response, mobile application security,incident response and technical assessment testing / auditing (ISMS, SWIFT, regulatory compliance), especially in Financial security sector. Through years of experience and research,He is committed to assisting clients in solving information security, either management policy or technical issues with his diverse backgrounds and expertise.

In addition to computer system vulnerability assessment projects, he also develop and participate in new information security methodologies, frameworks in the Deloitte infrastructure security service team. As a Security Solution Architect,he is responsible for development, integration and delivery of cyber security services to various customers. Other responsibilities include working with sales and bids teams to identify potential opportunities and also to sign off bids, plus many more.


Experience

  • Big Four Accounting Firms : Deloitte CyberSecurity Consultant 勤業眾信 資訊安全技術顧問
  • Financial Industry : Information System Security 資訊安全系統管理師
  • Sticker Maker : ( https://line.me/S/shop/sticker/author/1656721)
  • Regulatory Compliance : 金融機構合規檢視, ISO 27001, CIS Control, STIGs, IEC 62443, SWIFT CSCF, Singapore TRM Guidelines, Philippine MORB, Cyber security maturity assessment
  • Technical Assessment : Computer System Security , Pentesting, Mobile Application Security, Secure Configuration Baseline, General Data Protect, Network Architecture, solution engineering ,incident response.
  • Cybersec 2021 Speaker | 台灣資安大會 講者 ( https://cyber.ithome.com.tw/2021/session-page/164 )

Services

  • Find opportunities to be an lecturer, Instructor or speaker | 內外部講師
  • Cybersecurity Consulting Services | 資安顧問服務
  • Vulnerability Analysis : Web application, mobile application, System and etc. | 網站滲透測試與APP安全
  • Network Security Architecture (IT & OT) | 企業網路架構與設備組態安全
  • Cyber Security Audit | 資安系統稽核
  • CyberSecurity Framework : CIS Control, ISMS, STIG, CMMC | 資安制度與框架

Blog


Community / Conference Volunteer:

– HITCON( Hacks in Taiwan Conference ) Staff : 台灣駭客年會

  • 2018/2019/2020

– COSCUP(Conference for Open Source Coders, Users and Promoters) Staff : 開源人年會

  • 2016/2018/2020

– SITCON (Students’ Information Technology Conference) Staff : 學生計算機年會

  • 2016/2017

Certification

Penetration Testing & Security Analysis Certification :

  • CEH, EC-Council Certified Ethical Hacker | EC-Council 認證駭客技術專家
  • ECSA, EC-Council Certified Security Analyst | EC-Council 認證資安分析專家
  • CPSA, CREST Practitioner Security Analyst | CREST 認證資安分析專家
  • CTIA, EC-Council Certified Threat Intelligence Analyst | EC-Council 威脅情資分析專家
  • TCSE, Trend Certified Security Expert | 趨勢認證資訊安全專家

Auditor :

  • CISA, Certified Information Security Auditor | 國際電腦稽核師
  • ISO/IEC 27001 Lead Auditor | ISO 27001 主導稽核員
  • ISO/IEC 27001 Internal Auditor | ISO 27001 內部稽核員

Network Security Certification :

  • CCNP Security, Cisco Certified Network Professional : Security | 思科認證網路安全專家
  • NSPA, Network Security of Packet Analysis | 網路安全封包分析師
  • NSE 2, Fortinet Network Security Associate | Fortinet 網路安全專家
  • CyberArk Trustee, CyberArk Trustee Certification | CyberArk 受託者認證

Network Infrastructure Certification :

  • CCNP Enterprise, Cisco Certified Network Professional : Enterprise | 思科認證企業網路建置專家
  • VCP-NV, VMware Certified Professional – Network Virtualization | VMware 認證網路虛擬化專家
  • CCNA R&S, Cisco Certified Network Associate : Routing and Switching | 思科認證網路工程師

Other :

  • ISO/IEC 17025, General requirements for the competence of testing and calibration laboratories (Mobile Application Security Lab ) | ISO 17025 實驗室品質管理訓練合格 (資安科技暨鑑識分析中心)
  • CyberArk Certified Sales Professional
  • CyberArk Certified Pre-Sales Engineer | CyberArk 售前規劃師

Cloud

  • AZ-900, Microsoft Azure Fundamentals | 微軟Azure雲端概論

Project Management :

  • SFPC, CertiProf Scrum foundations Professional Certificate | 敏捷開發概論
  • PMEC, Project Management Essentials Certified | 專案管理概論

Professional Organization :

  • ISACA | 國際電腦稽核協會
  • Computer Audit Association | 中國民國電腦稽核協會