上海招聘

Line of Business: Technology & Digital

Location: China, Shanghai

Job Summary:

As a Cyber Security & Compliance Senior Specialist for GRC, you are responsible for collaborating with Technology & Digital team to implement security requirements that protect the confidentiality, integrity, and availability of information resources while aligning with business goals and objectives. This position provides research and guidance in the areas of security policies and standards, cybersecurity compliance and finding management, conducts internal compliance checks, tracks and reports finding status.

Key Responsibilities:

• Compile and maintain cybersecurity-related policies, standards and guidelines, facilitate the same to be followed in place
• Impart security awareness training across the company
• Conduct internal SOX checks and reviews periodically
• Facilitate SOX external audit
• Prepare and consolidate evidence, facilitate PCI DSS external audit
• Track findings in the GRC system, facilitate the deployment of remediation action within a predefined time framework
• Facilitate the deployment of the Multi-Level Protection Scheme
• Facilitate any other internet or external cybersecurity-related audits
• Consolidate firewall change requests and submit to global team for review
• Review disaster recovery plans, organize periodical DR testing, and compile reports
• Compile various kinds of security dashboards and reports
• Work closely with team members to conduct a risk assessment

Desired Qualifications:

• Bachelor's degree or equivalent in computer science, management information systems, or related field with an accompanying security accreditation (i.e., CISSP or CISA)
• 3+ years of information security experience with 1 year and above experience with security auditing and/or security compliance validation
• Knowledge of security-related legislation/regulations with emphasis on China Cybersecurity Law, Multi-Level Protection Scheme, Sarbanes-Oxley, PCI, and Privacy Law
• Good communication skills in English, both oral and written, such as presentation, technical reports, and proposals
• Ability to demonstrate aptitude, interest, and passion for keeping up with information security technical trends, research, and current development
• Strong interpersonal skills, with an emphasis on the ability to effectively influence others
• Strong organization, prioritization, and rationalization skills

作为全球家庭娱乐业的领军企业之一，上海迪士尼度假区为我们的游客带来独具一格的服务和珍藏一生的记忆。加入我们，在这个充满奇幻、想像、创意和探险的全新世界里，为每年数以百万的度假区游客创造欢乐。无论您的迪士尼旅程走向台前还是幕后，您都拥有无限机遇。
As one of the worldwide leaders in family entertainment, Shanghai Disney Resort delivers legendary service and a lifetime of memories for our guests. Joining us in a new world of fantasy, imagination, creativity and adventure involves creating happiness for the millions of guests who visit our Resort each year. Whether your career journey here is onstage or backstage, there are almost unlimited opportunities for growth and personal development at Shanghai Disney.