
Cybersecurity Architect, APAC

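Clarios (Shanghai) Enterprise Management Co., Ltd. (柯锐世(上海)企业管理有限公司)

  • Company size: 500-1000 employees
  • Company type: Foreign-owned (Europe/US)
  • Industry: Automotive parts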

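Job Information

  • Date posted: 2019-11-26
  • Location: Shanghai
  • Openings: 1
  • Work experience: 5-7 years
  • Education: Bachelor's degree
  • Monthly salary: 50,000-70,000 per month
  • Job category: IT Specialist, IT Manager/Supervisor

Job Description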

RESPONSIBILITY:

Clarios is looking for an experienced Cybersecurity Architect with good communication skills to join our global team of information technology professionals. This role will be a part of the Information Security team and will be responsible for assessing, designing, resolving and integrating information security into information technology solutions. As a Cybersecurity Architect you will be responsible for increasing security awareness among project teams and making information technology solutions more robust and secure. You will work with the Demand office, Enterprise Architecture and IT leadership and be responsible for mentoring and driving them through the security assessments and adopting secure solution design principles.


· Perform security assessments for on-going projects: both Architecture and Implementation/Code Review

· Contribute to building secure architecture for new projects or making corrections to existing ones

· Consult on all 3rd-party application security penetration testing

· Consult on vulnerability response process, impact assessments and remediation plans

· Recommend design and code changes to meet product security objectives and remedy security findings

· Perform unit tests if needed to verify a remediation or provide a proof-of-concept as evidence of a vulnerability

· Work as a security advisor helping to establish secure development activities during solution development

· Communicate with customers and teams, and be able to convey the importance of security, the ways of establishing it and the wrong ways of enforcing it (e.g. do pen testing before release)

DUTIES:

· Knowledge of at least one security development methodology (e.g. Microsoft SDL, OWASP CLASP etc)

· Knowledge of main Security-related activities in development such as Risk and Privacy Assessment, Threat Modeling, Security Code Review

· Deep understanding of the nature of security threats and their classification

· Knowledge of most common implementations of the Threats (e.g. XSS, SQL Injection, XSRF, buffer overruns, brute force, rainbow tables, DoS etc) and how they match the general classification

· Understanding of main security principles, such as multi-layered protection (Defense in Depth)

· Understanding of main areas of protection (Security, Privacy, Availability) and levels of defense (networking, infrastructure, OS, Application)

· Understanding of mitigation mechanisms for every type of threat (e.g. validation, sanitizing, crypto-operations etc)

· Good knowledge of Security Features and Mechanisms provided by at least one OS (e.g. Windows, Linux, Android, iOS etc) and development platform/technologies (e.g. Java, .NET Framework, databases etc)

· Familiarity with existing security standards (e.g. PCI DSS, HIPAA, NIST, Common Criteria etc) and what it means to implement compliance with them

· Familiarity with the tools for various security activities: Static Code Analysis, Pen Testing, Intrusion Detection/Prevention etc

· Experience with VAPT and familiarity with common security vulnerabilities, the lexicon of findings (CVSS, CVE), ability to assess severity, etc

· Understanding of basic principles of infrastructure security and penetration testing

· Ability to use the tools to perform actual attacks is a plus

REQUIREMENTS

· Bachelor’s degree or related experience in Computer Science, Engineering or related discipline.

· Strong experience with MS Visio, PowerPoint, MS Word and MS Excel.

· Minimum 5 years of experience designing, implementing and supporting large-scale information security environments.

· Professional certification in relevant disciplines preferred: CISSP, CISA, CEH, etc.

· Strong people management skills with global experience.

· Strong technical and non-technical communication skills.

· Ability to establish and maintain high levels of client trust and confidence.

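Company Profile

Clarios, formerly the Power Solutions business of Johnson Controls, has a history of more than 130 years and is a global leader in advanced energy storage solutions, powering one third of the world's vehicles.
Clarios is the world's *** automotive battery recycler, recycling 8,000 batteries per hour worldwide and reducing energy consumption and greenhouse gas emissions by 90% through the use of recyclable materials.
Clarios's 56 manufacturing, recycling and distribution centers are located around the world and serve customers in more than 150 countries; its batteries are original equipment for BMW, Mercedes-Benz, Audi, Porsche and many others.
Clarios sold 154 million batteries in 2018.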