IT security manager 信息安全专员
黎睿商务咨询(上海)有限公司
- 公司规模:50-150人
- 公司行业:金融/投资/证券 专业服务(咨询、人力资源、财会)
职位信息
- 发布日期:2017-01-31
- 工作地点:上海-长宁区
- 招聘人数:1人
- 学历要求:本科
- 语言要求:英语 良好
- 职位月薪:1.2-2.5万/月
- 职位类别:信息技术专员
职位描述
职位描述:
岗位简述:
负责信息安全和特定技术安全领域的基础设施保护。
主要职责:
负责制定并实施集团信息系统安全和隐私标准方针/指导;
负责突发事件定义和履行;
为公司内部信息安全方案设计和相关技术/产品的选择提供咨询;
收集安全要求,对风险进行评估,并持续监督跟进;
为安全漏洞评估、审计、内部评估等定义和提供方法;
密切关注安全漏洞相关的行业信息,及时报告并做好预备措施;
实施安全漏洞管理。
岗位要求:
至少5年IT相关工作经验,并有3年以上信息安全/IT风险管理经验;
熟悉IT相关法规、信息网络安全;
熟练掌握包含IT基础设施和应用的信息技术安全管控;
IT知识扎实,并拥有OS安全,DB安全,IAM,密码学方面的实践经验;
了解正规的安全评估方法和安全漏洞管理;
具有良好的沟通能力和技术类写作/制作图标、讲解能力;
英文能力良好;
拥有金融行业IT安全规范背景者优先;
拥有CISA, CISSP, ISO27001, ITIL证书者优先;
拥有管理经验者优先。***
Purpose of Position
Responsible for information security and infrastructure protection on a defined technological /security area.
Essential Responsibilities
? Responsible for the group policy definition and implementation of security and privacy standards/guidelines/practices on a technological/security for system security and office security;
? Responsible for the Incident definition and implementation.
? Act as an internal consultant for daily information security solutions design and corresponding technical/products selection;
? Collect security requirements, assess risk and carry out a continuous monitoring;
? Define, support and deliver methodologies for security risk assessment, auditing and self-assessment;
? Closely monitor the industrial information security threats ,report and prevention promptly;
? Security vulnerability management;
Qualifications/Requirements:
? At least 5 years IT related experience with 3+ years information security/IT risk experience;
? Familiar with IT compliance, information security and network skills;
? In depth understanding of IT security technologies and techniques that cover IT infrastructure and application;
? Strong technical knowledge with hands-on experience on OS security, DB security, IAM, cryptography, etc. design and operation;
? Understanding of formal risk assessment methodologies and security vulnerability management;
? Strong communication, technical writing/diagramming and spoken skills;
? IT security regulatory for financial industry preferred;
? CISA, CISSP, ISO27001, and ITIL certification preferred;
? Management experience preferred.
举报
分享
岗位简述:
负责信息安全和特定技术安全领域的基础设施保护。
主要职责:
负责制定并实施集团信息系统安全和隐私标准方针/指导;
负责突发事件定义和履行;
为公司内部信息安全方案设计和相关技术/产品的选择提供咨询;
收集安全要求,对风险进行评估,并持续监督跟进;
为安全漏洞评估、审计、内部评估等定义和提供方法;
密切关注安全漏洞相关的行业信息,及时报告并做好预备措施;
实施安全漏洞管理。
岗位要求:
至少5年IT相关工作经验,并有3年以上信息安全/IT风险管理经验;
熟悉IT相关法规、信息网络安全;
熟练掌握包含IT基础设施和应用的信息技术安全管控;
IT知识扎实,并拥有OS安全,DB安全,IAM,密码学方面的实践经验;
了解正规的安全评估方法和安全漏洞管理;
具有良好的沟通能力和技术类写作/制作图标、讲解能力;
英文能力良好;
拥有金融行业IT安全规范背景者优先;
拥有CISA, CISSP, ISO27001, ITIL证书者优先;
拥有管理经验者优先。***
Purpose of Position
Responsible for information security and infrastructure protection on a defined technological /security area.
Essential Responsibilities
? Responsible for the group policy definition and implementation of security and privacy standards/guidelines/practices on a technological/security for system security and office security;
? Responsible for the Incident definition and implementation.
? Act as an internal consultant for daily information security solutions design and corresponding technical/products selection;
? Collect security requirements, assess risk and carry out a continuous monitoring;
? Define, support and deliver methodologies for security risk assessment, auditing and self-assessment;
? Closely monitor the industrial information security threats ,report and prevention promptly;
? Security vulnerability management;
Qualifications/Requirements:
? At least 5 years IT related experience with 3+ years information security/IT risk experience;
? Familiar with IT compliance, information security and network skills;
? In depth understanding of IT security technologies and techniques that cover IT infrastructure and application;
? Strong technical knowledge with hands-on experience on OS security, DB security, IAM, cryptography, etc. design and operation;
? Understanding of formal risk assessment methodologies and security vulnerability management;
? Strong communication, technical writing/diagramming and spoken skills;
? IT security regulatory for financial industry preferred;
? CISA, CISSP, ISO27001, and ITIL certification preferred;
? Management experience preferred.
职能类别: 信息技术专员
关键字: IT security CISA CISSP ISO27001 ITIL 信息安全
公司介绍
黎睿商务咨询(上海)有限公司是一家集金融相关业务的综合支援、服务为一体化的公司。其客户Liri Holdings Limited成立于香港,帮助企业解决结算业务及网络交易发展问题的国际金融服务集团。提供国际结算、网上平台、国际品牌卡、商务咨询等各种服务。10年以上行业经验的专业团队与世界一流金融机构提携创造出最便利的结算方案和在线交易系统。
公司与员工约定人才的采用、研修、员工岗位、人事评价、薪酬制度等采取全世界最良好的制度及灵活的运营方案。
公司员工职位经常会通过公平公正的评判,安排在适合的位置。
帮助员工努力发挥各自的特长,加强团队建设,最大限度满足市场需求。
员工的才能及热情是公司走向成功的关键。因此公司尊重员工的想法,使员工的工作与生活平衡成长,奠定客户业务发展基础
我们期待您的加入!
公司与员工约定人才的采用、研修、员工岗位、人事评价、薪酬制度等采取全世界最良好的制度及灵活的运营方案。
公司员工职位经常会通过公平公正的评判,安排在适合的位置。
帮助员工努力发挥各自的特长,加强团队建设,最大限度满足市场需求。
员工的才能及热情是公司走向成功的关键。因此公司尊重员工的想法,使员工的工作与生活平衡成长,奠定客户业务发展基础
我们期待您的加入!
联系方式
- 公司地址:上班地址:天山路