免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块
查看: 1029 | 回复: 2

外企急聘:Manager / Lead Manager, Information Security Risk Management, SA&A [复制链接]

论坛徽章:
0
发表于 2010-06-01 19:14 |显示全部楼层
Position – Manager / Lead Manager, Information Security Risk Management, SA&A        
Reporting To – Group Manager - Information Security Risk Management, SA&A

Number of years relevant experience – 6 to 10 years

Scope of responsibilities –  APAC region ( China,  Australia, rest of APAC)

Proposed Job Responsibilities –

1.        Work with the local teams as part of SA&A Risk Management team to facilitate –
• Risk analysis of services and assets
• Implementation of risk mitigating controls
• Measurement of control effectiveness through metrics
• Effective closure of all internal/external audit observations
• Requirements sign off and UAT from security perspective, for IS applications owned by the concerned BEF or subsidiary specific internal applications.
• Implementation of controls for compliance with SOX, FISAP or equivalent requirements
2.        Work with the delivery account / process teams within the subsidiary to facilitate –
• Assistance to delivery accounts to ensure and track compliance with contractual requirements from information security perspective
• Providing information security expert assistance for audit/visit by customer/prospect
• Effective closure of all internal/external audit observations
• Measurement of control effectiveness through metrics at a delivery account level
• Providing information security expert assistance to delivery accounts for external audits e.g. ISO 27001, SAS70, PCI etc
3.        Provide assistance to SA&A Risk Management Team activities e.g. creating security awareness in the subsidiary
4.        Provide support and seek assistance from SA&A Audits & Assurance Team for scheduling internal systems and process audits.
5.        Provide support and seek assistance from SA&A Engineering team for issues related to secure system/network configuration, secure technology evaluation and forensic investigation.
6.        Provide support and seek assistance from SA&A Incident Management Team for issues related to security incident management.

Pre-requisites –

1.        Must have information security implementation related experience of 6 to 10 years.
2.        Must have good understanding of information security related standards like ISO 27001, PCI, COBIT
3.        Relevant certifications like CISA, CISSP, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer would be preferred.
4.        Should have good understanding of basic concepts of networking, TCP/IP, Security issues in operating systems (e.g. Microsoft Windows), information security risks in networks, systems and processes etc.
5.        Previous hands on experience in terms of IT systems integration, administration or network design etc. would be additional advantage.
6.        Should have keen interest to learn about new trends in information security and ability to apply the knowledge to identify and mitigate new areas of risks.
7.        Should have the ability to manage projects involving cross functional teams.
8.        Should have excellent communications skills in English and Mandarin languages.
9.        Should be a good team player since this involves working with geographically distributed teams.
10.        Must have ability to understand IP laws and protection mechanisms in China and Australia.
11.        Should have the ability to bring experience of progressive Information Security practices from the region.
12.        Should have about 6 – 10 experience in working with multinational companies; with demonstrated ability to effectively interact in the region (Primarily China and Australia).


单位地:上海浦东。张江
有意的朋友简历请投至: hunter@wide-keen.com
或MSN交流:Belindawq@hotmail.com
或电话沟通:021-63081762

论坛徽章:
0
发表于 2010-06-02 10:38 |显示全部楼层
UP............

论坛徽章:
0
发表于 2010-06-04 09:28 |显示全部楼层
up
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP