IT Consultant - testing - 20190814
百济神州(北京)生物科技有限公司
- 公司规模:5000-10000人
- 公司性质:外资(欧美)
- 公司行业:制药/生物工程
职位信息
- 发布日期:2019-08-27
- 工作地点:上海
- 招聘人数:1人
- 工作经验:无工作经验
- 学历要求:招1人
- 语言要求:不限
- 职位类别:其他
职位描述
· Ensures adherence to BeiGene Information Technology policies, standards and procedures
· Executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company data or systems
· Correlates actionable security events, performs network traffic analysis using raw packet data, net flow, IDS/IPS, etc.
· Describes, tests and validates security measures active on security infrastructure devices for the protection of computer systems, networks and information systems
· Performs regularly scheduled vulnerability scans and prepares associated reports
· Assists with security risk assessments and vulnerability evaluations
· Coordinates and performs periodic penetration testing to determine vulnerabilities and appropriate controls to prevent, detect or respond to future events
· Determines security violations and inefficiencies through security tests, evaluations and internal audits.
· Helps to conduct compliance assessments to ensure security of information systems; develops and maintains documentation
· Performs incident response, investigation, analysis, resolution and reporting activities
· Assists to identify intrusion or incident method, preserves evidence and drafts investigation reports
· Participates in root cause analysis of critical security events to improve processes
· Coordinates and delivers security awareness training
· Monitors sources (e.g. NVD, IAVA, IAVB, OTX) for new vulnerabilities
职位要求:
· 5 years of experience in information security operations and information security principles/practices including concepts, methods and procedures
· Strong hands-on experience with implementing and monitoring security methods and control techniques such as firewalls, ***, IDS/IPS, VPN, DLP, SIEM, file integrity monitoring, vulnerability scanning, penetration testing, data encryption, backup and disaster recovery, or other security-related technologies
· Strong experience in monitoring, researching, resolving and security incidents
· Strong experience in root cause analysis of security events/breaches and performing incident response, investigation, analysis, forensics, resolution and reporting
· Experience in designing, reviewing, and auditing secure network, systems, and application architectures
· Working experience with utilizing SIEM systems such as AlienVault, Splunk or similar
· Experience with executing security controls, defenses and countermeasures to intercept and prevent attempts or attacks
· Experience in conducting risks assessments and vulnerability evaluations
Preferred:
· Knowledge of and working experience with NIST, ISO, SOX, GMP, and/or other recognized industry security frameworks and compliance standards and best practices
· Experience with E-mail security and archiving solutions such as Mimecast, Proofpoint or similar
· Experience with security in DNS, DHCP, TCP/IP, Active Directory, and network topologies
· Experience with AWS Azure/O365 and cloud PaaS security
· Relevant industry certification(s), such as: Cisco CCNA/CCNP Security, CEH, CISSP, ISSAP/ISSEP
· Executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company data or systems
· Correlates actionable security events, performs network traffic analysis using raw packet data, net flow, IDS/IPS, etc.
· Describes, tests and validates security measures active on security infrastructure devices for the protection of computer systems, networks and information systems
· Performs regularly scheduled vulnerability scans and prepares associated reports
· Assists with security risk assessments and vulnerability evaluations
· Coordinates and performs periodic penetration testing to determine vulnerabilities and appropriate controls to prevent, detect or respond to future events
· Determines security violations and inefficiencies through security tests, evaluations and internal audits.
· Helps to conduct compliance assessments to ensure security of information systems; develops and maintains documentation
· Performs incident response, investigation, analysis, resolution and reporting activities
· Assists to identify intrusion or incident method, preserves evidence and drafts investigation reports
· Participates in root cause analysis of critical security events to improve processes
· Coordinates and delivers security awareness training
· Monitors sources (e.g. NVD, IAVA, IAVB, OTX) for new vulnerabilities
职位要求:
· 5 years of experience in information security operations and information security principles/practices including concepts, methods and procedures
· Strong hands-on experience with implementing and monitoring security methods and control techniques such as firewalls, ***, IDS/IPS, VPN, DLP, SIEM, file integrity monitoring, vulnerability scanning, penetration testing, data encryption, backup and disaster recovery, or other security-related technologies
· Strong experience in monitoring, researching, resolving and security incidents
· Strong experience in root cause analysis of security events/breaches and performing incident response, investigation, analysis, forensics, resolution and reporting
· Experience in designing, reviewing, and auditing secure network, systems, and application architectures
· Working experience with utilizing SIEM systems such as AlienVault, Splunk or similar
· Experience with executing security controls, defenses and countermeasures to intercept and prevent attempts or attacks
· Experience in conducting risks assessments and vulnerability evaluations
Preferred:
· Knowledge of and working experience with NIST, ISO, SOX, GMP, and/or other recognized industry security frameworks and compliance standards and best practices
· Experience with E-mail security and archiving solutions such as Mimecast, Proofpoint or similar
· Experience with security in DNS, DHCP, TCP/IP, Active Directory, and network topologies
· Experience with AWS Azure/O365 and cloud PaaS security
· Relevant industry certification(s), such as: Cisco CCNA/CCNP Security, CEH, CISSP, ISSAP/ISSEP
职能类别:其他
公司介绍
百济神州是一家立足于科学的全球性生物科技公司,专注于开发创新、可负担的药物,旨在为全球患者改善治疗效果,提高药物可及性。目前公司广泛的药物组合包括40多款临床候选药物。公司通过加强自主研发能力和合作,加速推进多元、创新的药物管线开发。我们致力于在2030年前为全球20多亿人全面改善药物可及性。百济神州在全球五大洲打造了一支超过8,000人的团队。
联系方式
- Email:shan.liu@beigene.com
- 公司地址:昌平区生命科学园 (邮编:102206)