Bing Zhu

Experience

• 

  中芯国际

  Mar 2001 - Jul 2004

  Data Analyst

  Work scope: 1. data analysis and Oracle yield report develop. 2. Factory MES automation and data automated collection.

• 

  英特尔

  Jul 2004 - May 2009

  IT Decision Support Specialist

  Work scope: 1. IT DSS project management and deploy in Shanghai factory. As DSS project leader, I succeed to deploy 1263/1264 and SDD project in factory.2. As business and data analyst, I’m familiar with factory manufacturing route/process. I built a bridge between factory local user and developer(in USA and India) for good communication and requirement analysis.3. SOX technical consult. Support monthly factory cyclecount as IT responsible person, support annual internal and external audit for cyclecount and IT system account privilege.4. BI support and DB app develop. BO and crystal report develop.Training: Oracle 10g administrator workshop Show less

• 

  阿尔卡特朗讯上海贝尔

  May 2009 - Jan 2010

  IT Project leader

  lead team to develop Alcatel-Lucent internal purchase order system.1. Build project team, total team member is 8.2. Project resource forecast(mandays) and task assign. Proto type design and user case design.3. Project timesheet management.

• 

  戴尔

  Jan 2010 - Aug 2010

  IT Business Analyst Manager

  provide business analysis service to Dell product lifecycle management solution Oracle Agile. 1. Supply chain business analysis from business department Bill-of-material to outsourcing manufacturing.2. Be the contact person with Oracle, analysis and solve data integration problem.

• 

  Bosch

  Aug 2010 - Jul 2014

  Information Security Manager

  provide information security service within Bosch Asia-pacific area. 1. Base on Bosch Information Security policies, provide internal IT audit service on Bosch each business unit. Information Security audit on IT server, IT room and manufacturing line. Audit new M&A company and outsourcing warehouse. Follow up correct action plan for those audit findings.2. Provide information security technical consult service to business unit project for each phase milestone check as information security project manager role. Join Bosch Car After-Market repair-shop information system project and Power-Tool order system project.3. Estimate information security environment, analysis and track indicators and incidents like virus report analysis, audit finding etc.4. Annually organize workshop and training in AP for 10~20 people. Certificates and Training: CIA and CISA certificated and ISO27001 training. Show less

• 

  Citibank China

  Aug 2014 - now

  Job Duty:1. As Technology Risk and Control 1st line of defence, work closely with Technology teams, IT Compliance, 2nd and 3rd technology lines to comply with regulations and Citi internal policy/standard, perform gap analysis on technology regulations and risk notice.2. Take the ownership of technology regulatory reports, including but not limited to: annual IT Rating materials, IT offsite report, Critical system change report, Major incident report, IPv6 report etc.3. Coordinate onsite/offsite regulatory technology inspection and collaborate closely with internal stakeholders and regional teams.4. Coordiante or support internal and external technology audit/assessment with satisfied result, e.g. IA technology audit, annual information system security classified assessment, Deloitte technology audit, KPMG E-Banking assessment, Mobile APP Security Assessment etc.5. Support Technology Head to maintain a secure and control effective environment via Management Control Assessment, Risk Control ScoreCard, Major Technology project identify and post implementation review, Reportable Incident post morterm review, Information Security issue(SIRT), training etc.6. Work closely with Technology teams to make correction action plan to address non-compliant issues and track till issue closure.7. Work as Technology Continue of Business coordinator, coordinate department Deny of Access, Deny of Service, Call Tree drill, People Loss Plan etc.8. Work closely with technology 2nd and 3rd line to assess 1st line controls effectiveness, e.g. Business Monitoring, quarterly Management Control Assessment Challenge, quarterly 2nd Technology line KRI/KPI.9. Other 1st line BAU work and assignment, including but not limited to support IT Management Committee meeting, regional Risk Control meeting, Technology Department meeting Show less Job Duty: 1. As Citi China Information Security Officer, support Citi China information security team head and work closely with local and regional stakeholders to maintain bank inforamtion security environment, comply with regulation and Citi information security standard.2. Coordinate Cyber Security Law and CBIRC/PBOC regulations gap analysis on Technology Risk Management, Offsite Outsourcing, Mobile Banking Security, Consumer Right Protection areas etc;3. Coordinate and support regulatory, external and internal audit onsite and offsite inspection;4. Coordinate IS and IT related regulatory reports, including IT Offsite report, Cybersecurity annual report. Support other reglatory reports, including annual IT Rating materials, 2nd line KRI/KPI etc. 5. Design China local Data Leakage Protection rules to enhance Citi China information security environment. Closely track Data Leakage Protection violation incident and escalate if necessary. 6. Follow up and remediate regulatory and auditor information security correct action plan till closure.7. Review business request for USB usage to reduce bulk information leakage risk 8. other Information Security Officer BAU work and assignment, e.g. IS team CoB coordinator, Management Control Assessment tester, local regulatory report coordinator etc. Show less

  • Information Technology Risk Manager

    May 2018 - now

  • Information Security Manager

    Aug 2014 - May 2018