2288 Infosec Engineer
博朗软件开发(上海)有限公司
- 公司规模:150-500人
- 公司性质:外资(欧美)
- 公司行业:计算机软件 计算机服务(系统、数据服务、维修)
职位信息
- 发布日期:2014-08-17
- 工作地点:上海-长宁区
- 招聘人数:2
- 工作经验:2年
- 学历要求:本科
- 语言要求:英语良好
- 职位月薪:面议
- 职位类别:软件工程师 其他
职位描述
GENERAL SUMMARY: The Security Engineer assesses the security risk, coordinates and implements the security controls in the company; monitor the security compliance and ensure the overall security.
ESSENTIAL DUTIES & RESPONSIBILITIES:
1. Security Control–80%
? Assess the security risks on the network and IT system, and provide the solution to mitigate the risks
? Implement the security controls to improve the security level
? Analyze Palo Alto Network report and identify actions to prevent the security issues
? Monitor security events for computer virus, hacking, security breaches and malicious activities and take actions to reduce the impact
? Deal with security incidents and develop prevention plan
? Develop BCP plan and implement the BCP testing
? Provide suggestion/ solution according to customer security requirements and work closely with related team to Implement it
? Monitor the security bulletin to know the new security vulnerability, evaluate the risk and implement the controls
? Research the new technique to strengthen security system
? Educate and train the staff to be aware about the security process
?
? 评估系统和网络的风险,提供风险控制方案
? 部署安全控制,增强公司安全防护能力
? 分析Palo Alto防火墙日志,出具事件报告和处置方案
? 监控各安全平台的事件,包括病毒、黑客、违规、攻击等,采取对应防御行动
? 处理日常安全事件,包括各类紧急事件
? 制定和建立公司的安全防御计划
? 维护BCP计划并组织实施BCP测试
? 按照客户的要求提供相应的解决方案,并与相关部门进行部署
? 分析来自厂商和第三方的安全告警通知,提供风险分析和解决方案
? 研究和掌握新的技术,为安全建设提供技术支持
? 培训员工的安全意识和流程知识
? ?
2. Security Process Improvement –20%
? Improve the security process based on the business needs
? Document and improve the operation process for IT department
Position Requirements: REQUIRED QUALIFICATIONS:
1) Competencies: Skills, knowledge, & abilities
Functional Competencies:
? Good Understanding of security management systems and knowledge, like Firewall, IDS/IPS, Anti-virus, Operation System, Database, TCP/IP etc
? Good Knowledge of ISO27001
? Knowledge on ISO20000, PCI, SAS70, SOX etc is a plus
? Master common penetration test tool is preferred
Interpersonal Competencies:
? Ability to effectively manage their time in order to finish tasks on schedule
? Escalates issues appropriately to manager
? Good communication skills
? Good documentation skills
? Must project a professional attitude
? Ability to work effectively with a cross-functional team
Leadership Competencies:
? Demonstrate integrity, maturity and a constructive approach to challenges.
? Develop an understanding of Bleum's core values:
? Honest,
? Customer Orientation,
? Takes Ownership,
? Discipline,
? Excellence,
? Enjoy the Journey
? Able to multi-task (work on multiple deliverables at once)
? Demonstrate an attitude of joint accountability for all aspects of security, whether or not directly assigned responsibilities.
? Demonstrate respect, responsiveness and professionalism toward others while providing superior service for customers
2) Experience:
? Have at least 2+ year experience with IT system maintenance & configuration like network management, server maintenance etc
? Have at least 1+ year experience with ISO27001 compliance process implementation
? Have a working knowledge of security process improvement
? Knowledge of PCI, SOX, SAS70, BS25999, ISO20000, ITIL is a plus
? CISSP, CIW, CISP, CISA certificate is a plus
3) Minimum educational level:
? B.S. Computer Science or equivalent
ESSENTIAL DUTIES & RESPONSIBILITIES:
1. Security Control–80%
? Assess the security risks on the network and IT system, and provide the solution to mitigate the risks
? Implement the security controls to improve the security level
? Analyze Palo Alto Network report and identify actions to prevent the security issues
? Monitor security events for computer virus, hacking, security breaches and malicious activities and take actions to reduce the impact
? Deal with security incidents and develop prevention plan
? Develop BCP plan and implement the BCP testing
? Provide suggestion/ solution according to customer security requirements and work closely with related team to Implement it
? Monitor the security bulletin to know the new security vulnerability, evaluate the risk and implement the controls
? Research the new technique to strengthen security system
? Educate and train the staff to be aware about the security process
?
? 评估系统和网络的风险,提供风险控制方案
? 部署安全控制,增强公司安全防护能力
? 分析Palo Alto防火墙日志,出具事件报告和处置方案
? 监控各安全平台的事件,包括病毒、黑客、违规、攻击等,采取对应防御行动
? 处理日常安全事件,包括各类紧急事件
? 制定和建立公司的安全防御计划
? 维护BCP计划并组织实施BCP测试
? 按照客户的要求提供相应的解决方案,并与相关部门进行部署
? 分析来自厂商和第三方的安全告警通知,提供风险分析和解决方案
? 研究和掌握新的技术,为安全建设提供技术支持
? 培训员工的安全意识和流程知识
? ?
2. Security Process Improvement –20%
? Improve the security process based on the business needs
? Document and improve the operation process for IT department
Position Requirements: REQUIRED QUALIFICATIONS:
1) Competencies: Skills, knowledge, & abilities
Functional Competencies:
? Good Understanding of security management systems and knowledge, like Firewall, IDS/IPS, Anti-virus, Operation System, Database, TCP/IP etc
? Good Knowledge of ISO27001
? Knowledge on ISO20000, PCI, SAS70, SOX etc is a plus
? Master common penetration test tool is preferred
Interpersonal Competencies:
? Ability to effectively manage their time in order to finish tasks on schedule
? Escalates issues appropriately to manager
? Good communication skills
? Good documentation skills
? Must project a professional attitude
? Ability to work effectively with a cross-functional team
Leadership Competencies:
? Demonstrate integrity, maturity and a constructive approach to challenges.
? Develop an understanding of Bleum's core values:
? Honest,
? Customer Orientation,
? Takes Ownership,
? Discipline,
? Excellence,
? Enjoy the Journey
? Able to multi-task (work on multiple deliverables at once)
? Demonstrate an attitude of joint accountability for all aspects of security, whether or not directly assigned responsibilities.
? Demonstrate respect, responsiveness and professionalism toward others while providing superior service for customers
2) Experience:
? Have at least 2+ year experience with IT system maintenance & configuration like network management, server maintenance etc
? Have at least 1+ year experience with ISO27001 compliance process implementation
? Have a working knowledge of security process improvement
? Knowledge of PCI, SOX, SAS70, BS25999, ISO20000, ITIL is a plus
? CISSP, CIW, CISP, CISA certificate is a plus
3) Minimum educational level:
? B.S. Computer Science or equivalent
公司介绍
博朗软件开发(上海)有限公司成立于2001年,是美国独资、领先的离岸软件开发公司,为美国和欧洲的金融、电子商务、新兴产业内知名公司和其他独立软件供应商提供高附加值的软件开发服务。
通过为客户提供基于长期合作关系的软件开发和维护服务,并拥有先进的技术和符合CMMi-level 5和ISO27001规范的管理流程,博朗软件为员工提供了非常稳定的软件开发环境。
博朗软件注重员工的个人发展,为员工持续提供所需的各种培训课程,也建立了贯穿员工职业生涯的导师制度和提升机制,并且为员工的内部岗位轮换提供了机会。快速发展的博朗软件同时也给诸多优秀员工提供了快速职业发展机会,使之成长为技术骨干及管理者。
除了系统专业的技术培训、研讨外,公司致力于不断提升员工的英语应用水平,提供100%英语工作环境,由专职英语外籍教师根据员工不同的英语水平设计相应的培训课程,并提供实时地技术英语支持。
由于客户多在欧美国家,员工会有大量派遣到海外培训与工作的机会,公司同时也会邀请海外客户到公司进行现场培训和指导。
工作之余,员工能够参与公司定期举办缤纷多彩的社交活动和充满乐趣的体育文化项目,丰富自己的业余生活。
随着公司业务持续迅速增长,我们需要更多的同伴来帮助我们一起达成梦想。博朗软件真诚地欢迎您的加入!
博朗软件目前有大量工作机会等待您的查询和应征。您只需要投递简历,我们将会尽快与您取得联系。
有关博朗软件的更多信息请访问博朗软件的官方主页:www.bleum.com
更多及时信息您也可以访问新浪认证微博:博朗软件。
邮件联系:recruiters@bleum.com
通过为客户提供基于长期合作关系的软件开发和维护服务,并拥有先进的技术和符合CMMi-level 5和ISO27001规范的管理流程,博朗软件为员工提供了非常稳定的软件开发环境。
博朗软件注重员工的个人发展,为员工持续提供所需的各种培训课程,也建立了贯穿员工职业生涯的导师制度和提升机制,并且为员工的内部岗位轮换提供了机会。快速发展的博朗软件同时也给诸多优秀员工提供了快速职业发展机会,使之成长为技术骨干及管理者。
除了系统专业的技术培训、研讨外,公司致力于不断提升员工的英语应用水平,提供100%英语工作环境,由专职英语外籍教师根据员工不同的英语水平设计相应的培训课程,并提供实时地技术英语支持。
由于客户多在欧美国家,员工会有大量派遣到海外培训与工作的机会,公司同时也会邀请海外客户到公司进行现场培训和指导。
工作之余,员工能够参与公司定期举办缤纷多彩的社交活动和充满乐趣的体育文化项目,丰富自己的业余生活。
随着公司业务持续迅速增长,我们需要更多的同伴来帮助我们一起达成梦想。博朗软件真诚地欢迎您的加入!
博朗软件目前有大量工作机会等待您的查询和应征。您只需要投递简历,我们将会尽快与您取得联系。
有关博朗软件的更多信息请访问博朗软件的官方主页:www.bleum.com
更多及时信息您也可以访问新浪认证微博:博朗软件。
邮件联系:recruiters@bleum.com
联系方式
- Email:recruiters@bleum.com
- 公司地址:上班地址:上海市延安西路1118号龙之梦大厦8楼