高级信息安全工程师
上海药明康德新药开发有限公司
- 公司规模:10000人以上
- 公司性质:外资(欧美)
- 公司行业:制药/生物工程
职位信息
- 发布日期:2019-10-31
- 工作地点:上海-浦东新区
- 招聘人数:1人
- 工作经验:3-4年经验
- 学历要求:大专
- 职位月薪:1-2万/月
- 职位类别:信息技术专员
职位描述
工作职责:
1. Establishes and maintains strong relationships with IT and Business group leaders to understand goals, programs and strategic objectives.
2. Establishes and maintains the Corporate IT policies and processes, working closely with IT leadership team to institutionalize the responsibilities and procedures.
3. Engages in establishing and developing in-depth knowledge of WuXi Information Security policies, processes and procedures, as well as compliances processes and initiatives in order to provide subject matter expertise and guidance to other organizations (Commercial, R&D, Internal Audit, Compliance, Legal, HR, QA, etc.) within WuXi.
4. Work with various internal and external groups to ensure that information security policies, procedures and practices are properly implemented within IT and Business programs. Evaluates and articulates program security requirements, identifies potential security risk factors and business impacts.
5. Review IT and Business programs, projects and initiatives from inception, throughout the implementation, to end of life, to ensure that appropriate security controls are applied throughout the entire lifecycle.
6. Provides Information Security expertise and guidance to Business group leaders and IT Owners to ensure an appropriate balance between security and business enablement for identified business programs.
7. Reviews current IT and information security policies and practices for continued applicability with respect to WuXi commercial and R&D business programs. Provides recommendations for improvements.
8. Coordinate and conduct relevant security trainings and awareness program to IT, business and 3rd party teams on-demand basis.
9. Plan and execute critical applications/infrastructures and 3rd party vendors security assessment on-demand basis
10. Drive and follow up execution of key Information Security process and change management
11. Develop & maintain Information Security related metrics
12. Recommend improvements to IT Security controls based on thoughtful analysis of key metrics
13. Provide project management expertise, oversight, and guidance for Security related IT development/maintenance projects
14. Provide trend reporting for both IT Operations as well development teams on both internal and external IT Security related threats.
15. Ensure the integrity of all information systems and corporate information through the implementation and maintenance of established system management practices and control
16. Participate in IT related client audit, regulator audit and other 3rd party audit.
17. Participate in IT internal audit to ensure compliance with internal polices and processes.
18. Perform other duties as assigned
任职资格:
1. Minimum of 3-5 years of experience in Information Security, Information Assurance, or a Cyber Security role, pharmaceutical industry experience is a plus.
2. Experience in policy and process related document record maintenance.
3. Experience working with networks, Windows and MAC platforms
4. Experience with data analysis and analytics, including metrics development
5. Experience working and supporting multi-factor authentication systems
6. Experience supporting security awareness platforms
7. Demonstrated good judgment and decision-making ability
8. Excellent read and written communication skills both English and Chinese.
9. Good coordination and interpersonal management skills, must be able to work independently with minimal supervision, as well as collaborate in a professional and courteous manner with individuals of various levels within and outside the organization.
10. Good at Microsoft Office (PPT, Excel, Word and Outlook) documentation
11. Good knowledge of ISMS, ISO27001, HIPAA, SOX, COBIT, ITIL, Cyber Security Law of the PRC, OECD or GxP regulations is strongly preferred.
12. Industry Standard Information Security certification such as CISSP, CISA, CISP from a nationally recognized organization strongly preferred.
职能类别:信息技术专员
公司介绍
联系方式
- Email:zhuyun@wuxiapptec.com
- 公司地址:江北新区华康路122号南京生物医药谷加速器四期07栋
- 电话:15738851478