长沙招聘

Key responsibilities include:

 

?designing, assessing and implementing technology risk and information security management framework, policies, standards, procedures and solutions such as Enterprise-wide Identity & Access Management (I&AM), Data Loss Prevention (DLP) and Security Information & Event Management (SIEM) solutions, using ISO27001, ISO20000 and CoBIT as the internationally recognized information security and IT service management standards,

?analyzing complex client server systems and multi-platform infrastructure and application systems (including operating system, database, web server, firewall and router, electronic trading / banking systems, etc.),

?providing assurance over the operations and approach of management service providers in any outsourcing of the IT function, and establishing risk governance recommendations on emerging policies to support development of new procedures and methodologies to minimize risks.

?You will be expected to take various approach to the attest / assurance process of IT operations utilizing best practice methodology to assess IT operations. You will be responsible for conveying pragmatic solutions to complex business problems through the use of written reports and presentations. The opportunity will be available for you to develop your responsibility in supervising, coaching, developing teams and individual team members.  

Job requirement  

?University degree majoring in accounting, business administration, information systems, computer science, engineering, statistics, accounting, and / or business administration; ?Professional qualifications: CISA, CISM, CISSP, CEH, CISP or other security related qualifications is preferred. ?Minimum of 3 years system design / implementation and / or security assessment / IT audit experience with a reputable professional / consulting firm or Fortune 500 corporations; ?Practical experience and working knowledge in two or more of the following - business & system processes review, IT auditing, information security management, IT / technology risk management, design and implementation of security solutions such as I&AM, DLP and SIEM, network and system penetration testing, application security testing and code review; ?Familiar with security and control for technologies / enterprise applications: Unix, Windows, Firewall, Routers, SAP, Oracle, Hyperion and/ or evaluating and implementing information security management, IT service management and IT governance framework using ISO27001, ISO20000, ITIL respectively; ?Strong fluency in information technology general controls concepts in the areas of systems development, change management, computer operations and access to programs and data; ability to identify and assess business process controls and linkage to IT systems; ?Familiar with security and control for technologies: Unix, Windows, database, Firewall, Router, mobile technologies (e.g., IOS, Android), etc.; ?Good communication skills in both oral and written English and Chinese; ?Flexible, self-starter possessing intellectual curiosity; ?Ability to interact with executive levels of client and firm management; ?Effective project management, interpersonal and influencing skills are essential;

关于欧莱雅集团与欧莱雅中国
 
创立于1909年的欧莱雅集团，是全球***的化妆品集团。于1997年进入中国市场，经过19年快速、稳健、持续的增长，欧莱雅已成为中国化妆品市场的翘楚，并在多个细分市场位居***，包括***护肤、彩妆、***护肤、面膜、高档化妆品、药妆以及专业美发领域。总部位于上海，有超过4400名员工。目前在中国拥有一个研发和创新中心，一个培训中心和三家工厂分别位于苏州、宜昌和广州。
敬请关注欧莱雅中国“让所有人拥有美”官方微信账号及官方网站*******************