工作职责：

• Work as part of the corporate security team to implement global security policies and standards in China.
• Maintain As-Is, To-Be security architecture, identify the gaps, recommend controls and implement approved security solutions.
• Develop and align security project plan with China key stakeholders and ensure security projects implementation in China.
• Produce and analyse security related data to support local and global reporting metrics.
• Develop and maintain China specific elements of global incident response plan.
• Lead China specific elements of incident response desktop exercises and simulations.
• Investigate security breaches and resolve cyber security incidents
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Work with security team to perform tests and uncover network vulnerabilities.
• Fix detected vulnerabilities to maintain a high-security standard.

任职资格：

• 8+ years of industry experience in an information security function.
• High level of English language skills (both written and spoken)
• Experience with security management processes, response playbooks, security assessments, and penetration testing
• Ability to identify and mitigate infrastructure vulnerabilities and explain how to avoid them.
• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
• Expertise in anti-virus software, intrusion detection, firewalls and content filtering
• Knowledge of risk assessment tools, technologies and methods
• Expertise in designing security solutions for infrastructure, applications and endpoints.
• Experience in data backup and disaster recovery.
• Endpoint security solutions, including file integrity monitoring and data loss prevention
• Strong familiarity with ISO 27001 frameworks and Chinese cybersecurity protection level 2.0