(SLC E S)西门子(中国)有限公司能源领域IT部门 信息安全专员(上海)(137060)(职位编号:137060)
西门子(中国)有限公司 能源服务集团(E S)
- 公司性质:外资(欧美)
- 公司行业:石油/化工/矿产/地质 电力/水利
职位信息
- 发布日期:2013-07-11
- 工作地点:上海
- 招聘人数:若干
- 学历要求:本科
- 职位类别:信息技术专员 环境/健康/安全工程师(EHS)
职位描述
- From our Energy Sector, KSF, IT department, Siemens are looking to a senior information security coordinator.
What are my responsibilities?
Strategy & Planning
- Define an Information Security action plan with the InfoSec Executive, in line with the Siemens InfoSec requirements, and local regulatory requirements.
- Set up and maintain a group of ISAs (Information Security Advisors).
- Ensure that the ISA organization covers and supports all units adequately.
- Hold regular ISA meetings; provide the ISAs with the necessary IS documentation; train and support them on all InfoSec-related tasks.
- Support all company units in the region in any IS-related matters.
- Circulate InfoSec documentation, especially Corporate IS Guide.
- Ensure that InfoSec deficiency analyses, system checks and audits are conducted regularly.
- Implement InfoSec measures without delay.
- Contingency planning and testing are conducted regularly for all units.
- Server as primary contact for all InfoSec-related issues.
- Create and maintain InfoSec awareness.
- Prepare and circulate awareness material.
- Initiate and hold InfoSec training and briefing sessions.
Acquisition & Deployment
- Cooperate with ISEC ORG ISO of the country in all InfoSec--related technical or organizational matters and report major deficiencies or incidents without delay.
- Prepare regular InfoSec status reports, and submit them to the ISC of the country and the regional Managing Board.
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
Operational Management
- Promote the use of corporate services, e.g. VCC, CERT & Trust Centre.
- Ensure the enforcement of enterprise security documents
- Supervise all investigations into problematic activity and provide on-going communication with senior management.
- Supervise the design and execution of vulnerability assessments, penetration tests and security audits
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
- Resolve and drive for mitiagation of findings in regular Information Security Systems Scans (IPINS) with no escalation!
What do I need to qualify for this job?
- Formal Education & Certification
- College diploma or university degree in the field of computer science and/or 3/5 years equivalent work experience.
One or more of the following certifications:
- Microsoft Certified Systems Engineer: Security
- (ISC)2 CISSP (Certified Information Systems Security Professional)
- (ISC)2 ISSAP (Information Systems Security Architecture Professional )
- GIAC (Global Information Assurance Certification)
- ISACA (Information Systems Audit and Control Association)
Knowledge & Experience
- Experience in delivering employee security awareness training.
- Experience in developing Business Continuity Plans and Disaster Recovery Plans.
- Experience in data center, network and client services and operation
- Working technical knowledge of encryption solution
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Familiarity with qualys, ePO, SCCM, WSUS, and other control system
What else do I need to know?
- Personal Attributes
- Proven analytical and problem-solving abilities.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Good written, oral, and interpersonal communication skills.
- Ability to conduct research into IT security issues and products as required.
- Highly self-motivated and directed.
- Keen attention to detail.
- Team-oriented and skilled in working within a collaborative environment.
Contact
- If you have further questions regarding this job offer, please be free to contact our Recruiting Center website at: http://www.careers.siemens.com.cn/Career/Main_ch.html
提醒:
点击“西门子专属申请”,您将会进入西门子专属招聘系统,进入系统后您可以在页面右上方的下拉菜单,选择简体中文页面,并请遵循下面的规则设置您的系统密码。
密码设置规则:密码长度必须在8个字符以上,并且必须包含英文大写字母,小写字母和数字。例如:Ab123456