长沙招聘

Position Description：

1. Understand Burger King cloud strategy and the technical roadmap on cloud

2. Support Group Security Architect to identify complaince gap when organization move to Azure. To meet Burger King compliance requirements via cloud adoption from technical standpoint. Understand Azure coompliance foundation, include Trustworthy technolog, compliance process investment and 3-party certification. Work with microsoft expert to meet Burger King specific compliance by Azure security architecture insight study, identify the choices and further feasibility study.

3. Put Cloud risk management in place with Microsoft Azure practice and compliant with Burger King Security requirement. Identify threats and vulnerabilities to the environment. Calculate risk. Report risks across the cloud environment. Address risks based on impact assessment and the associated business case. Test potential remediation effectiveness and calculate residual risk. Manage risks on an ongoing basis.

4. Accountable for Identity and access management on the cloud. Implement consistent discipline acrose on premise and Cloud with the guide of EUX, EP architect. Summarize identity provisioning requirement in terms of SaaS, PaaS and IaaS. Evaluate how to more securely automate the identity provisioning by using the current on-premises infrastructure. From federation standpoint, Evaluate the methods available and how to integrate these methods with the current on-premises infrastructure. Evaluate the organization’s requirement for SSO and how to integrate it with current apps. Evaluate cloud service provider profile management options and how these options map with the organization’s requirement. Evaluate cloud service provider options to control data access, Enforce Role-Based Access Control (RBAC).

5. Align with GOM and enforce operational security on cloud by incorporating organizational learning throughout the existing process and adopting industry standards and practices for cloud operations. Use a security information management approach in line with industry standards. Continuously update controls and mitigations to enhance the operation’s security.

6. Follow Microsoft and Burger King best practice to secure the data, E2E protect towards, from and on Cloud. Enforce data encryption on endpoint device no matter company assets or BYOD. Ensure that the data leave from endpoint and transit to cloud is still protected. Ensure redundancy and protection the data in the cloud provider’s servers, their storage infrastructure .understand cloud service provider performs data encryption at rest, approach of the key management and data redundancy. Enforce data encryption on the file itself and encrypt the transport layer.

Key Qualities Required ：

1. Multiple skills in Vulnerability Assessments, Intrusion Prevention and Detection, Access Control and Authorization, Policy enforcement, Application Security, Protocol Analysis, Firewall Rule sets, Incident Response, DLP, Encryption, Two-Factor Authentication, Web-filtering, Centralized Security Event Logging, Advanced Threat Protection, tools.

2. Excellent technical knowledge of mainstream operating systems (for example, Microsoft Windows and UNIX) and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, Anti-malware solutions, automated policy compliance and desktop security tools.

3. Web application security experience including OWASP vulnerabilities, browser security, java script security, Deep understanding of web application attacks including SQL, XSS, XXE, and other common security issues

4. Significant knowledge of TCP/IP, cryptographic protocols and algorithms, operating system internals and operations, and application level protocols. Ability to configure, operate, and understand the regular workings of the following: Apache, PHP, SSH, UNIX hosts, TLS, etc.

5. Solid Public Cloud product knowledge, AWS, Azure and so on. Well understanding IaaS, PaaS, SaaS and comparison to on premise IT System in terms of Security principle.

6. Good documentation skill.

Qualifications：

1. 3+ years relevant experience in IT domain, in an information-security related occupation, in Private, Public cloud operation or project or solution design. 

2. Experience with common information security management frameworks, such as International Standards Organization (ISO) 17799/27001 and the IT Infrastructure Library (ITIL), Control Objectives for Information and Related Technology (CobiT) and National Institute of Standards and Technology (NIST) frameworks.

3. University degree in Computer Science or other engineering field.

4. Speak fluent English and Chinese

汉堡王是全球知名的大型连锁餐饮企业，公司创始于1954年美国迈阿密，由James W. McLamore和David Edgerton两位共同创立，从此火烤牛肉开始了它的传奇之旅，汉堡王的特色“火烤”秘技给世界各地的消费者带来原汁原味的美式火烤牛肉风味。截止目前，汉堡王在全球100多个国家及地区经营着超过17000家门店。

作为引领潮流的汉堡专家，60多年来汉堡王对于“Taste is King美味才是王道”有着不懈追求与坚持。1957年一炮打响的旗舰产品“皇堡”改变了汉堡王的命运并继而成为广受欢迎的明星产品，在过去的半个多世纪里，皇堡作为汉堡王的明星产品，始终给消费者带来经典美味和无穷的创意。全球各地汉堡王相继推出了各种风味配料、新鲜组合，为皇堡家族增添不少变化和新意。皇堡，带着火烤的烙印，汁满料足，拥有221184种“我选我味”，每年销售2亿个，是受全世界欢迎的汉堡之一。

 2005年6月，汉堡王中国大陆***家门店在上海静安区正式开门纳客,之后几年，又相继登陆北京、深圳、广州、南京、杭州、天津等大中城市，汉堡王以“料多量足”、“真实地道”的纯正美式风味征服了越来越多的中国消费者，并迅速成为年轻人就餐的时尚新选择。为满足更多消费者的需求，从2013年开始汉堡王中国以每年新开200家左右门店的速度进入高速增长期，2019年年初开出1000家以上的餐厅，员工人数达到23000人，分布在全国100多个大中城市。

过去几年，汉堡王中国在保持强劲增长势头的同时，建立了自己特有的企业战略、产品系列、运营体系、人才梯队、管理系统；形成了汉堡王中国独有的企业文化，“有?冲劲，可?担当，要?主动，持?真我，筑?业绩，同?欢乐”已成为汉堡王中国伙伴们工作中的6个价值标尺;我们希望与汉堡王中国一同成长的伙伴具有“追求卓越、谦逊好学、全情投入”的人才特质，基于此，我们形成了“凭借优秀的人才，盈利的餐厅体系，提供最美味的汉堡，成为在中国领先的休闲快餐品牌”的公司愿景!

公司的高速发展离不开每一位伙伴，“人”是汉堡王的***财富！公司为每一位雇员都提供了全面且有竞争力的薪酬福利，并为在不同职业发展阶段的伙伴提供了国际化的培训体系、广阔的发展空间、丰富的认可和奖励项目；我们欢迎每一位充满活力、乐于挑战、敢想敢为的年轻人加入汉堡王，与我们一起共筑汉堡王的中国梦！
我选我味，我选我“未”！ 加入汉堡王，选择你的未来！
公司网站：*****************/