1. Purpose of the Job

1. Manage the China BU IT security operations and compliance, be the focal point for all security operation & compliance aspects, work with global teams, APAC function teams and supplier vendors to ensure the smooth implementation of strategic (security) policies, sustainable security operations and IT compliance.

2. Business environment

l Aligning business operations against customer requirements across APAC zone is a top priority-we face intense competition, we are working to roll out better coordinated programs, and we are working to manage our networks more strongly as networks l To achieve better integration and win with customers, we are implementing new structures and coordinating existing initiatives. l Effective management of multiple IT/IS projects and service operations requires strong daily, weekly, and monthly coordination and administrative support

3. Accountabilities

1. Define, improve and implement information security policies, standards, procedures in BU China aligning with Global and APAC zone policies and standards 2. As focal point with global teams, drive and coordinate local teams to ensure effective process and security controls in place on all security operation areas include but not limit to Endpoint Protection, Cyber security, VMS, Penetration Test, system hardening, security awareness training etc., aligning with KPI targets 3. As focal point with global SOC team and local teams to conduct system vulnerabilities mgmt., drive, coordinate and provide professional guidance to responsible local teams and supplier vendors to fix identified vulnerabilities on existing or any new system 4. Ensure an effective process in place, drive and coordinate responsible teams for identified security incidents response and resolution 5. As focal point to work with global compliance teams and drive local teams to meet IT compliance requirements as UAM, license mgmt. Code Review, Data Privacy, BCM etc., aligning with internal KPI targets and external audit regulations 6. Work with Enterprise Architect team for new security & compliance solution projects, advice and support from operation perspective 7. Managing and control owned security budget package

4. Qualifications and Technical competencies required

Education 1. College and above in Information System, Computer Science, Information Technology, etc. Experience 1. At least 5 years’ experience in security operation areas 2. Experience in drive and coordinate between multiple global and local cross-function teams 3. Experience in IT risk and compliance mgmt. is preferred Technical competencies: 1. Professional experience, ideally with security background either in security operation and compliance. 2. In-depth knowledge of network security, volubility mgmt. is preferred 3. Knowledge of cyber and information security framework, principals, general IT controls (E.g., business continuity and change management) 4. Strong communication and coodination skills, good written and spoken English skill 5. Ability to work independently and objectively to challenges within a fast changing environment, 6. Security certifications such as CISSP, CISM or CISA preferred

上班地址：三丰大厦