Fonction professionnelle: Information Systems

Type de poste: Permanent

Type de contrat: Full - Time

Site: Shanghai - Shanghai

Pays: China


1. Lead and manage the security governance, risk and control

2. Manage and maintain the measurement to monitor and report on the control effectiveness in all IT security area

3. Lead security risk management projects and work closely with other IT function teams to encourage the security concept and operation across the business process

4. Develop and maintain the IT security policies, standards and guidelines, and ensure the implementation to the business operation

5. Proactively introduce tools and systems in the risk and control operation and engage with IT/business partners to ensure the security controls

6. Conduct routine account management/review, contract review and audit/remediation follow-up

7. Setup information security awareness training programme



1. At least 5 years in information security field

2. Knowledge and understanding of information security frameworks and governance

3. Experience in the risk management and 3rd party security

4. Strong knowledge of access control, account management, data security management

5. Experience in security standard works and regulation (ISO27001, MLPS, CSL)

6. Good project management skill and communication skill

7. Security certification required, e.g. CISA, CISSP