China IT Security Manager
上海任仕达人才服务有限公司
- 公司规模:150-500人
- 公司性质:外资(欧美)
- 公司行业:专业服务(咨询、人力资源、财会)
职位信息
- 发布日期:2012-08-17
- 工作地点:上海
- 招聘人数:1
- 工作经验:五年以上
- 学历要求:本科
- 职位类别:信息技术经理/主管
职位描述
Position: China IT Security Manager
Report to: China IT Head
Subordinates: 1-2
Location: Shanghai
Responsibilities:
? The IT Security Manager performs two core functions for the enterprise. The first is overseeing the operations of the enterprise's security solutions through management of the organization's security analysts.
? The second is establishing an enterprise security stance through policy, architecture and training processes. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The IT Security Manager is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
? Strategy & Planning
? Create and maintain the enterprise's security architecture design.
? Create, and maintain the enterprise's security awareness training program.
? Create and maintain the enterprise's security documents (policies, standards, baselines, guidelines and procedures).
? Create and maintain the enterprise's Business Continuity Plan and Disaster Recovery Plan, where appropriate.
? Acquisition & Deployment
? Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
? Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes.
? Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
? Operational Management
? Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
? Ensure the enforcement of enterprise security documents.
? Supervise all investigations into problematic activity and provide on-going communication with senior management.
? Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
? Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
? Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
Requirements:
? Formal Education & Certification
? College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
? One or more of the following certifications:
? GIAC Security Essentials Certification
? GIAC Security Leadership Certification
? ISACA Certified Information Security Manager
? Microsoft Certified Systems Engineer: Security
? (ISC)2 SCCP
? (ISC)2 CISSP
? (ISC)2 ISSAP
? Knowledge & Experience
? Extensive experience in enterprise security architecture design.
? Extensive experience in enterprise security document creation.
? Experience in designing and delivering employee security awareness training.
? Experience in developing Business Continuity Plans and Disaster Recovery Plans.
? Experience in managing of staff of 5 to 100 individuals
? Experience in data center, network and client services and operation
? Working technical knowledge of front end and back end environment
? Working technical knowledge of encryption solution
? Strong understanding of IP, TCP/IP, and other network administration protocols.
? Familiarity with qualys, ePO, SCCM, WSUS, and other control systej
? Familiarity with ERP application such as kingdee, UFida or SAP
? Personal Attributes
? Proven analytical and problem-solving abilities.
? Ability to effectively prioritize and execute tasks in a high-pressure environment.
? Good written, oral, and interpersonal communication skills.
? Ability to conduct research into IT security issues and products as required.
? Ability to present ideas in business-friendly and user-friendly language.
? Highly self motivated and directed.
? Keen attention to detail.
? Team-oriented and skilled in working within a collaborative environment.
? Work Conditions
? 40-hour on-site work week with on-call availability for 5 days per month.
? 30-40 % travel required.
? Sitting for extended periods of time.
? Sufficient dexterity of hands and fingers to efficiently operate a computer keyboard, mouse, power tools, and other computer components.
Mail to: Phoebe.wang@randstad.cn
Report to: China IT Head
Subordinates: 1-2
Location: Shanghai
Responsibilities:
? The IT Security Manager performs two core functions for the enterprise. The first is overseeing the operations of the enterprise's security solutions through management of the organization's security analysts.
? The second is establishing an enterprise security stance through policy, architecture and training processes. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and assessments. The IT Security Manager is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
? Strategy & Planning
? Create and maintain the enterprise's security architecture design.
? Create, and maintain the enterprise's security awareness training program.
? Create and maintain the enterprise's security documents (policies, standards, baselines, guidelines and procedures).
? Create and maintain the enterprise's Business Continuity Plan and Disaster Recovery Plan, where appropriate.
? Acquisition & Deployment
? Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
? Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes.
? Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
? Operational Management
? Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
? Ensure the enforcement of enterprise security documents.
? Supervise all investigations into problematic activity and provide on-going communication with senior management.
? Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
? Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
? Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
Requirements:
? Formal Education & Certification
? College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
? One or more of the following certifications:
? GIAC Security Essentials Certification
? GIAC Security Leadership Certification
? ISACA Certified Information Security Manager
? Microsoft Certified Systems Engineer: Security
? (ISC)2 SCCP
? (ISC)2 CISSP
? (ISC)2 ISSAP
? Knowledge & Experience
? Extensive experience in enterprise security architecture design.
? Extensive experience in enterprise security document creation.
? Experience in designing and delivering employee security awareness training.
? Experience in developing Business Continuity Plans and Disaster Recovery Plans.
? Experience in managing of staff of 5 to 100 individuals
? Experience in data center, network and client services and operation
? Working technical knowledge of front end and back end environment
? Working technical knowledge of encryption solution
? Strong understanding of IP, TCP/IP, and other network administration protocols.
? Familiarity with qualys, ePO, SCCM, WSUS, and other control systej
? Familiarity with ERP application such as kingdee, UFida or SAP
? Personal Attributes
? Proven analytical and problem-solving abilities.
? Ability to effectively prioritize and execute tasks in a high-pressure environment.
? Good written, oral, and interpersonal communication skills.
? Ability to conduct research into IT security issues and products as required.
? Ability to present ideas in business-friendly and user-friendly language.
? Highly self motivated and directed.
? Keen attention to detail.
? Team-oriented and skilled in working within a collaborative environment.
? Work Conditions
? 40-hour on-site work week with on-call availability for 5 days per month.
? 30-40 % travel required.
? Sitting for extended periods of time.
? Sufficient dexterity of hands and fingers to efficiently operate a computer keyboard, mouse, power tools, and other computer components.
Mail to: Phoebe.wang@randstad.cn
公司介绍
www.randstad.cn
联系方式
- 公司地址:梅园路77号
- 邮政编码:200070