衡阳招聘

【In this role, you have the opportunity to】

As Information Security Officer, you are the leading responsible expert in your designated business, market and functions for all activities related to information and services security, both internally within the Enterprise, and for the services we deliver to our customers.

The Information Security Officer works across various environments, markets and business teams to maintain and expand a world-class capability and culture around information & service security and ensures that formal regulations and certifications are kept up to date and adhered to.

【Key Responsibilities】

(1)   Security Leadership

？  Support/localize information & service security awareness, training and education programs.

?      Support, create, approve and embed information/service security policies, adaptions, and standards.

?      Establish & deliver centralized reporting within the company, and to the business markets on the effectiveness of the information & service security function and its performance against strategic objectives.

(2)   Information & Services Security Management:

?      Creating products & services security strategies, both short-term and long-range, in support of the business goals.

?      Identify product/services security requirements throughout the Idea-to-market (I2M)/ Product Development Lifecycle Management and work with other teams as necessary to provide mitigation and cost/benefit analysis.

?      Directing an ongoing, proactive product & services security risk assessment program so effective controls can be put in place for those areas presenting the greatest information security risk. Communicating risks and recommendations to mitigate risks to the senior management.

?      Supporting businesses in maintaining external business certifications and compliance with other (international) guidelines for information security.

?      Assisting with business internal audits and overseeing and guiding external audits related to its products and services in the markets.

?      Engage with business, markets and functions to identify improvement opportunities across secure foundation, information protection, and secure access to business information/assets, threat / incidents response capabilities and vulnerabilities mitigation.

?      Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the team.

?      Support the embedding of Information Security (e.g. ISMS, client requirements, Technical Baselines) within business/markets/ functions operations and various environments.

(3)   Security Incident Management

?      Respond to and investigate information security incidents and breaches in order to reduce/contain potential damage; act as liaison with relevant regulators and/or enforcement agencies in relation to information security matters.

?      Report information security incidents according to internal information security guideline; work with country ISO to manage the risk related to the new incident if required.

(4)   Security Audit

?      Undertake information security review in businesses and functions to ensure compliance with internal policies and external regulations, and perform annual audit.

?      Inform country ISO on any Internal and External Audits; manage the information flow and responses to the audit reviews.

【Key Requirements】

ü Minimum of 5 years in service/information security or risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)

ü Excellent knowledge of ISO27001/2 and China Cybersecurity Laws

ü Information security management or audit qualifications such as CISM/ CISSP/ CISA/ CRISC

ü Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting

ü Strong interpersonal skills – communication, presentation, ability to influence and lead

ü Ability to work within a multi-function, multi-discipline team environment with strong influencing, management and communication skills

ü English fluency

ü Willingness to travel as needed

     创建于1835年的德国贝塔斯曼集团是世界三大传媒巨头之一，在全球63个国家拥有近400家公司，是《财富》全球500强企业之一。
    上海贝塔斯曼商业服务有限公司简称欧唯特(中国)，是德国贝塔斯曼集团在华独资子公司，作为处于领先地位的拥有高度整合和适应能力的国际企业服务供应商，我们针对客户关系管理和供应链管理为企业在中国乃至全球范围提供个性化服务解决方案。
    欧唯特于2001年初进入中国市场，目前已将业务拓展到航空、汽车、传媒、旅游、保险、电信、直销、快速消费品、金融服务等领域，与众多知名企业建立了合作伙伴关系。公司以上海为总部，相继在北京、广州、长春成立了分公司。2009年在深圳成立了深圳欧唯特物流服务有限公司的合资企业，为中国移动及高端电子产品行业提供世界级物流服务，以满足国内外客户日益扩大的市场需求。
    欧唯特提倡关注合作伙伴利益，注重提升合作伙伴的可发展空间，希望通过建立共同成长的伙伴关系，为客户提供全面的产品、完善的解决方案和优质的服务。欧唯特运用不断革新的信息技术和服务，来追求其商业合作伙伴的竞争能力的持续优化。
    我们的服务内容：客户关系与忠诚度咨询、数据管理、促销管理、顾客互动中心、客户服务解决方案、财务服务、物流服务等。
    我们始终倡导平等的就业政策，助力残障人才持续的职业发展 ，确保各类人群在欧唯特拥有平等的就业机会和待遇。