Associate- Cybersecurity- Risk assurance-Assurance (职位编号:14618BR)
PwC 普华永道
- 公司规模:1000-5000人
- 公司性质:外资(欧美)
- 公司行业:专业服务(咨询、人力资源、财会)
职位信息
- 发布日期:2017-05-30
- 工作地点:北京
- 招聘人数:若干人
- 学历要求:本科
- 语言要求:英语 熟练 普通话 熟练
- 职位类别:产品专员 电子商务专员
职位描述
职位描述:
About Assurance
PwC's Assurance professionals ask questions, test assumptions, and evaluate whether companies are reporting information that investors and others can rely on. We combine deep technical skills and sector experience to help our clients address the challenges of a rapidly changing environment and strengthen their businesses.
We inspire a movement of trust that creates lasting confidence in business and beyond. In addition to our core financial audit services, we provide Assurance services in areas where trust is needed most – such as Food Supply and Integrity Services, and Engineering Cost Assurance. We go beyond the obvious and develop real understanding and insight into a client’s markets, technology, people and management, and ultimately help to build greater trust in society.
Job responsibility:
· Key responsibilities include: designing, assessing and implementing technology risk and information security management framework, policies, standards, procedures and solutions such as Enterprise-wide Identity & Access Management (I&AM), Data Loss Prevention (DLP) and Security Information & Event Management (SIEM) solutions, using ISO27001, ISO20000 and CoBIT as the internationally recognised information security and IT service management standards,
· analysing complex client server systems and multi-platform infrastructure and application systems (including operating system, database, web server, firewall and router, electronic trading / banking systems, etc.),
· providing assurance over the operations and approach of management service providers in any outsourcing of the IT function, and
· establishing risk governance recommendations on emerging policies to support development of new procedures and methodologies to minimise risks.
Responsibility:
· University degree majoring in accounting, business administration, information systems, computer science, engineering, statistics, accounting, and / or business administration;
· Professional qualifications: CISA, CISM, CISSP, CEH, CISP or other security related qualifications;
· Practical experience and working knowledge in two or more of the following - business & system processes review, IT auditing, information security management, IT / technology risk management, design and implementation of security solutions such as I&AM, DLP and SIEM, network and system penetration testing, application security testing and code review;
· Familiar with security and control for technologies / enterprise applications: Unix, Windows, Firewall, Routers, SAP, Oracle, Hyperion and/ or evaluating and implementing information security management, IT service management and IT governance framework using ISO27001, ISO20000, ITIL and COBIT respectively;
· Strong fluency in information technology general controls concepts in the areas of systems development, change management, computer operations and access to programs and data; ability to identify and assess business process controls and linkage to IT systems;
· Familiar with security and control for technologies: Unix, Windows, database, Firewall, Router, mobile technologies (e.g., IOS, Android), etc.;
· Excellent communication skills in both oral and written English and Chinese;
· Flexible, self-starter possessing intellectual curiosity;
举报
分享
About Assurance
PwC's Assurance professionals ask questions, test assumptions, and evaluate whether companies are reporting information that investors and others can rely on. We combine deep technical skills and sector experience to help our clients address the challenges of a rapidly changing environment and strengthen their businesses.
We inspire a movement of trust that creates lasting confidence in business and beyond. In addition to our core financial audit services, we provide Assurance services in areas where trust is needed most – such as Food Supply and Integrity Services, and Engineering Cost Assurance. We go beyond the obvious and develop real understanding and insight into a client’s markets, technology, people and management, and ultimately help to build greater trust in society.
Job responsibility:
· Key responsibilities include: designing, assessing and implementing technology risk and information security management framework, policies, standards, procedures and solutions such as Enterprise-wide Identity & Access Management (I&AM), Data Loss Prevention (DLP) and Security Information & Event Management (SIEM) solutions, using ISO27001, ISO20000 and CoBIT as the internationally recognised information security and IT service management standards,
· analysing complex client server systems and multi-platform infrastructure and application systems (including operating system, database, web server, firewall and router, electronic trading / banking systems, etc.),
· providing assurance over the operations and approach of management service providers in any outsourcing of the IT function, and
· establishing risk governance recommendations on emerging policies to support development of new procedures and methodologies to minimise risks.
Responsibility:
· University degree majoring in accounting, business administration, information systems, computer science, engineering, statistics, accounting, and / or business administration;
· Professional qualifications: CISA, CISM, CISSP, CEH, CISP or other security related qualifications;
· Practical experience and working knowledge in two or more of the following - business & system processes review, IT auditing, information security management, IT / technology risk management, design and implementation of security solutions such as I&AM, DLP and SIEM, network and system penetration testing, application security testing and code review;
· Familiar with security and control for technologies / enterprise applications: Unix, Windows, Firewall, Routers, SAP, Oracle, Hyperion and/ or evaluating and implementing information security management, IT service management and IT governance framework using ISO27001, ISO20000, ITIL and COBIT respectively;
· Strong fluency in information technology general controls concepts in the areas of systems development, change management, computer operations and access to programs and data; ability to identify and assess business process controls and linkage to IT systems;
· Familiar with security and control for technologies: Unix, Windows, database, Firewall, Router, mobile technologies (e.g., IOS, Android), etc.;
· Excellent communication skills in both oral and written English and Chinese;
· Flexible, self-starter possessing intellectual curiosity;
职能类别: 产品专员 电子商务专员
公司介绍
普华永道 - 中国內地、中国香港及中国澳门
普华永道中国內地、中国香港及中国澳门成员机构根据各地适用的法律协作运营。整体而言,员工总数超过17,000人,其中包括超过600名合伙人。
无论客户身在何处,普华永道均能提供所需的专业意见。我们实务经验丰富、高素质的专业团队能聆听各种意见,帮助客户解决业务问题,发掘并把握机遇。我们的行业专业化有助于就客户关注的领域共创解决方案。
我们分布于以下城市:北京、上海、香港、沈阳、天津、大连、济南、青岛、郑州、西安、南京、合肥、苏州、武汉、成都、杭州、宁波、重庆、长沙、昆明、厦门、广州、深圳、澳门、海口。
普华永道中国內地、中国香港及中国澳门成员机构根据各地适用的法律协作运营。整体而言,员工总数超过17,000人,其中包括超过600名合伙人。
无论客户身在何处,普华永道均能提供所需的专业意见。我们实务经验丰富、高素质的专业团队能聆听各种意见,帮助客户解决业务问题,发掘并把握机遇。我们的行业专业化有助于就客户关注的领域共创解决方案。
我们分布于以下城市:北京、上海、香港、沈阳、天津、大连、济南、青岛、郑州、西安、南京、合肥、苏州、武汉、成都、杭州、宁波、重庆、长沙、昆明、厦门、广州、深圳、澳门、海口。
联系方式
- Email:honglin.h.zhang@cn.pwc.com
- 公司地址:浦东新区东育路588号