Career Profile

A geek guy with various domain experiences in Backend Development, Mobile Development and Infrastructure Technologies management.

  • Golang/Python Developement
  • MDM solution consultant
  • Networking Management
  • DevOps CI/CD
  • Container management
  • Kubernetes management
  • Ham Radio amateur player with callsign BM2OEH

Experiences

Information Security Engineer

Mar. 2023 - Present (1 yr 7 mos)
KlickKlack Co., Ltd. Taipei, Taiwan

Research for MDM solutions to resolving customers’ management and security related issues and also planning for MDM deployment to customers

  • Research solutions to assist clients in achieving CIS Benchmarks and ISO compliance requirements
  • Lead to suggest customer to integration with MDM and/or Endpoint Security solutions
  • Remote management solutions consultant
  • Lead and develop Cloud Webhooks to achieve the following goals
    • Manage and deploy eSIM Plan (Cellular Network Plans) to endpoint devices
    • Issue remote commands to rename computers or devices using templates and any available attribute field data
    • Determine whether it is in the allowed list by detecting IP changes, and automatically restrict any managed equipment and devices based on the list
  • TBA for addition detail

Site Reliability Engineer

Nov. 2021 - Feb. 2023 (1 yr 3 mos)
OneDegree Hong Kong Limited Taipei, Taiwan

Manage deployments/releases which related with IXT (OneDegree Insurance Platform) on Azure Cloud and monitoring services

  • Research solutions for improvement of CI/CD and infrastructures
  • Assistant with QA doing stress test with IXT systems
  • Re-Organize existing of container registry (ACR) cleanup script
  • Cooperate with Cybersecurity team to diagnosis log4j related security issues on products and result found for no impact
  • CI/CD alignment
  • Cooperate with frontend to resolve CSR and SSG related issues
  • Making non-root container for customer which uses OpenStack infrastructure
  • Migrate Kubernetes into Knative infrastructure and integrate Azure AD authentication with Azure RBAC

CTO, Co-Founder

Mar. 2021 - Present (3 yrs 7 mos)
Walks Cloud Inc. Taipei, Taiwan

MIS Outsourcing undertake, build customer premises network planning and construction, information equipment inventory and asset management

  • Lead and implement a product to managed cloud identities solution, and helps to integrated environment with networking authentication together
  • Lead and design for structure networking infrastructure constructure
  • MDM solutions consultant and management agent service
  • TBA for addition detail

Systems Engineer

Aug. 2018 - Mar. 2021 (2 yrs 8 mos)
TeamT5 Inc. Taipei, Taiwan

Manage private Virtual Machine Farms (VMF), office networking, infrastructures and service reliability. Re-design/Relocate the server room layout to save the energy waste, and manage.

  • Use GitLab CI to manage private DNS config and record through config test and deploy stage
  • Set up the Polycom (SCCP) and SIP Phones via free version of Elastix PBX
  • Improve the network sensitivity by blocking cross VLAN communication capability to specified network
  • Monitoring the server and its services status by using Grafana to create a dashboard
    • Lead to developing a toolset to push services information and statistics to InfluxDB server and display on Grafana
  • Manage networking bandwidth usage through LibreNMS system
  • Use BGP (Border Gateway Protocol) to make specified routing rules for route traffic to a dedicated address outbound
  • Lead to deploy virtual machine and virtual container into PROXMOX VE Server
  • Planning networking for office relocation
  • Planning and integrate the Server Room for relocation to IDC
  • Lead to migrate Hardword RAID Storage Pools to Ceph Clusters
  • Lead and design VLAN policies and IP access list (IP ACL)
  • Lead to plan and migrate networking devices to enlarge the scaling from 400 concurrent hosts to 1,500+
  • Lead to deploy autonomous system networking with 4 AS numbers by a /23 length final/8 IP address
    • Planning to connect with dual or more ISPs to make AS networking more reliability
    • Setting route object and domain object to resolve PTR request for mailing services
  • Deploy Mail Relay Gateway by using PROXMOX Mail Gateway
    • Add DKIM (DomainKeys Identified Mail) and TLS Encryption to prevention internal mail dropped by Google Mail Service

Site Reliability Engineer

Dec. 2017 - May. 2018 (6 mos)
Rayark Inc. Taipei, Taiwan

Deploy and manage the REST API Server Perform the load test and volume test on GKE (Google Cloud Kubernetes) and GCP (Google Compute Engine)

  • Deploy the REST API Server with the calculated HPA(Horizontal Pod Autoscaler) configuration
  • Re-Configure the GCP Firewall settings to preven database being unauthroized accessment
  • Perform load and volume test by rebuilding bandbox in whole system
  • Make Golang program to have more verbose for debugging (incl. CI/CD environment variables)
  • Tune CI/CD flow for GKE project deployment

Software Developer

Jul. 2013 - Nov. 2017 (4 yrs 5 mos)
Koo Foundation Sun Yat-Sen Cancer Center (KFSYSCC) Taipei, Taiwan

Consolidate team members’ ideas to have problem solution through system architecture and/or framework. Improve workflow of management issues by using in-house developed software.

  • Maintain in-house GitLab server to have git repositories and CI/CD services been available for all designers.
  • Improve communication among colleagues and do cost analysis easier by using Redmine.
  • Lead a team to design and implement a WebAPI server, in 2014, to have the client library generation feature for JavaScript and Objective-C (iOS) written in C#, which makes the server be stable 3 and half years.
  • Promote the server in Python w/ SQL command cache feature to have in-line development, in 2017, which allows to update the command text w/o restart the server
  • Make higher maintainability among Windows Applications and Web Applications by integrating common business logics into WebAPI server
  • Provide centralized management tool for designers to test and read the self-generated manual on the WebAPI Server
  • Implement a codepage converting system on WebAPI server to convert Private Use Area (PUA) characters between BIG5 and UTF-8 by using iconv (UTF-8 and BIG5) codepage and CNS11643 mapping table
  • Create Docker image to strip the whole service into microservice architecture
  • Combined Python-based WebAPI server into Linux-based image with Nginx web server and uWSGI proxy which communicates between client and the WebAPI server
  • Administrate WebAPI server and manage software security and quality by using CI/CD for all projects
  • Administrate all merge requests and improve the software quality of projects by doing code review
  • Study the frontend and backend technology, then, provide training courses of development experience and suggestion to colleagues
  • Highlight low performance SQL commands, then, improve these defect by either rewriting command or modifying schemas on Oracle DB and PostgreSQL
  • Validate the services of security and compatibility on servers and then generate the management report of all customer devices by using testssl.sh
  • Deploy MDM (Mobile Devices Management) to manage 180+ iOS devices to have in-house enterprise apps been pre-installed

System Administrator (part-time)

Jul. 2011 - Jul. 2013 (2 yrs 1 mo)
National Taipei University of Nursing and Health Sciences (NTUNHS), Department of Information Management Taipei, Taiwan

Deploy and administrate Active Directory in laboratory

Software Engineering Intern (part-time)

Jul. 2007 - Sep. 2009 (2 yrs 3 mos)
Cathay General Hospital (C.G.H.) Taipei, Taiwan

Use PHP, MySQL and IBM DB2 to design and develop an integrated Healthcare Information System (HIS) for taking care in-patient. (Note: this system was renamed to be i-Mobile Medical Information System formally and won the National Health Science and Technology Quality Bronze Award in 2013)

Solution Developer

Aug. 2011 - Jun. 2017 (5 yrs 11 mos)
CPRTeam Taipei, Taiwan

Configure wireless network to Internet network for conference with 500+ to 1,500+ attendees

  • Provide network services for COSCUP, in 2013 at TICC, without being qualified hardwares, by building 36 Virtual Machines (m0n0wall software router) within 15 minutes to serve 1,400+ attendees by 36 different configurations
  • Create Open Source Codes for projects, such as handheld radio asset management, in CPRTeam’s repository

Volunteering Experience and Projects

Wedding Invitation Page for myself - A Page using Vuetify framework to build and apply modified template from network, with pre-rendered 3D animation playback 4K resolution MP4 on page background
OPass app (CCIP Pass) Developer -

OPass aka. CCIP Pass (Community Check-in with Interactivity Project) app provides a self-checkin application on mobile to save manpower to check the attendee ticket, and let the attendees have more opportunities to interact with other features(e.g. Puzzle Game, Booth Reward Activity)

Skills

Jamf Management Engineer

Sep. 11 2024 - Sep. 11 2026 (2 yrs 0 mos)
Jamf Partner: Management Engineer

Jamf Management Consultant

Sep. 11 2024 - Sep. 11 2026 (2 yrs 0 mos)
Jamf Partner: Management Consultant

Jamf Ambassador

Mar. 15 2024 - Mar. 15 2026 (2 yrs 0 mos)
Jamf Partner: Ambassador

Jamf 300

Jun. 01 2023 - Present (1 yr 4 mos)
202303-52157
Jamf Certified Admin: Jamf Pro Version 10

Jamf 370

Apr. 20 2023 - Apr. 20 2025 (2 yrs 0 mos)
202303-52156
Jamf Certified Endpoint Security Admin Certificate

Jamf 200

Mar. 16 2023 - Present (1 yr 6 mos)
202302-51625
Jamf Certified Tech: Jamf Pro Version 10

AZ-104

Aug. 10 2022 - Aug. 11 2023 (1 yr 0 mos)
I378-6155
Microsoft Certified: Azure Administrator Associate
Rust Golang Grafana Prometheus InfluxDB DynamoDB PostgreSQL MongoDB Python Swift Objective-C Git Bash macOS Linux GitLab GitLab CI Docker Kubernetes Nginx MySQL Oracle DB C# IBM DB2 blender 3ds Max

Education

Master Degree, Department of Information Management

2011 - 2013
National Taipei University of Nursing and Health Sciences (NTUNHS)

  • Study Healthcare and Informatics, Software Engineering
  • Study and develop a template system to read HL7 (Health Level 7) CDA® R2 (Clinical Document Architecture Release 2) XML into HTML5 Canvas directly and layout a WYSIWYG (What You See Is What You Get) document by using Web Component technologies

Bachelor Degree, Department of Information Engineering and Informatics

2007 - 2011

Tzu Chi College of Technology (TCCT)

Tzu Chi University of Science and Technology (TCUST, Renamed in 2015)

  • Study Software Engineering and RFID related software development
  • Study HTML5 related software development, and create an interactive website w/o using any Flash technology

Peering

Haraguroicha Internet Service (AS57429) Peering Information

Please kindly contact with 腹黒い茶 for peering operations.

Haraguroicha Internet Service (AS212359) Peering Information

Please kindly contact with 腹黒い茶 for peering operations.

Locations

OriginPortServices
New Taipei, TW100Mbps
  • WireGuard
  • GRE
  • IPSec
Taipei, TW100Mbps
  • WireGuard
  • GRE
  • IPSec
Taichung, TW100Mbps
  • GRE
  • IPSec
Tokyo, JP10Gbps
  • WireGuard
  • GRE
  • IPSec
Fremont, US1Gbps
  • direct in LL-IX
  • direct in Lambda Internet Exchange
  • WireGuard
  • GRE
  • IPSec

IX

IXPPortAddresses
LL-IX1Gbps
  • 5.101.92.218
  • 2001:678:4fc::92:218
Lambda Internet Exchange1Gbps
  • 149.112.26.7
  • 2a0f:607:1070::7
Dark Mode