Функция: Информационные системы

Тип занятости: Полный рабочий день

Место расположения: Shanghai - Shanghai

Страна: China

The role is responsible for identifying, assessing, evaluating and monitoring the IT security operation risks within the team by covering all relevant functions like the infrastructure team, digital team etc. to enable the enhancement of the overall security posture of the organization.


This role work closely with a wide range of audiences of 14 countries of the zone, the target audiences may include but not limited to: chief information security officer, infrastructure team, digital team etc. The major directive of this position is to identify and report IT security operation risks to senior management team.


  • Good exposure in IT security operation management, skillful in running the security projects to reduce the identified risks
  • Good exposure in IT security risk management, capable to develop and implement an ongoing IT risk management program focus on IT security posture across countries
  • Good understanding and skillful in implementing security controls over the external/internal computing environment, e.g. servers, firewalls, applications, workstations etc.
  • Skillful in developing and maintaining the security operation standards, benchmark, tracking and reporting mechanism
  • Skillful in developing and maintaining the IT security operation processes and procedures, e.g. Security Patch Management, Vulnerability Scan, Security Health Check, Privilege ID Management, Firefighter ID Management, Continue Business Need Validation, Security Incident Management, User ID and Access Administration Management, System Activation/Deactivation Management etc.
  • Good understanding in web, mobile app security against the OWASP Top 10 and skillful in the penetration test tools like Burp Suite, Nessus, Acunetix, Metasploit etc.
  • Skillful on the specific solutions like: Enterprise-wide Identity & Access Management (I&AM), Data Loss Prevention (DLP) and Security Information & Event Management (SIEM) solutions etc.
  • Responsible for various IT security operation projects as assigned from whatever local and global