Fonction professionnelle: Information Systems

Type de poste: Fix Term

Type de contrat: Full - Time

Site: Shanghai

Pays: China

The role of IT Risk Manager – Digital is responsible for identifying, assessing, evaluating and monitoring the risk from IT digital standpoint to enable the enhancement of the overall security posture of the organization during digital transformation.


This role work closely with a wide range of audiences which include by not limited to: chief information security officer, digital team of zone and countries as well as the end users from business etc. The major directive of this position is to identify and report digital security risks to senior management team where necessary.


  • Enable the risk enabled environment, develop a digital risk awareness program and conduct training to ensure that all stakeholders understand the risk and contribute to the risk management process and to promote a risk-aware culture

  • Identification of digital security risks, communication and development of “best practice” solutions, and implementation of mitigating controls which consistent with company strategy

  • Coordinate on the security penetration tests against the web applications, following industry best practices in terms of remediation

  • Executes security controls to prevent attackers from obtaining the classified data of the company

  • Creates required information security process and completes requests in accordance with requirements

  • Promote the excise as risk based approach, provides timely, relevant updates and periodic reports as needed to senior leadership

  • Works to educate internal technical teams on identified threats and establishes a partnerships to aid in the remediation processes

  • Conduct security risk assessment from digital security point of view on our applications, the aspects includes digital assets management, social media security, logical access management etc.

  • Create and maintain a risk register to ensure that all identified risk factors are accounted for, and establish the benchmark as well as the information technology risks reporting dashboard in terms of highlight the risk profiles for countries

  • Validate the risk appetite and risk tolerance level with senior leadership and key stakeholders to ensure alignment

  • Responsible for various risk management projects as assigned from whatever from zone and/or global