Manager - Risk Assurance (Cyber security) - GZ/SZ
普华永道中天会计师事务所有限公司北京分所(PricewaterhouseCoopers)
- 公司规模:500-1000人
- 公司行业:专业服务(咨询、人力资源、财会)
职位信息
- 发布日期:2015-07-07
- 工作地点:广州
- 招聘人数:若干
- 工作经验:5-7年
- 学历要求:本科
- 语言要求:英语熟练
普通话熟练 - 职位月薪:面议
- 职位类别:ERP实施顾问 ERP技术开发
职位描述
请点击下方提供的系统职位超链接或通过访问www.pwccn.com下的“人才招聘”网页登录我们的招聘系统, 并通过我们的系统申请该职位。
https://krb-sjobs.brassring.com/TGWebHost/jobdetails.aspx?partnerid=30056&siteid=5939&AReq=1110BR
About Risk Assurance
Business today is increasingly complex - from the way organisations are managed and structured, through increasing integration with business partners and service providers, to the ever greater levels of reliance placed on underlying information systems and business processes. In addition, new regulations - domestic and international - are placing a greater emphasis on the effectiveness of internal controls, and this often requires independent assurance. You will provide value-added insights that help to improve system and business control effectiveness across various organisations.
Job Responsibilities:
We are currently looking for individuals with strong information security, technology risk, IT strategy and governance background.
Key responsibilities include:
- Designing, assessing and implementing technology risk and information security management framework, policies, standards, procedures and solutions such as Enterprise-wide Identity & Access Management (I&AM), Data Loss Prevention (DLP) and Security Information & Event Management (SIEM) solutions, using ISO27001, ISO20000 and CoBIT as the internationally recognised information security and IT service management standards;
- Analysing complex client server systems and multi-platform infrastructure and application systems (including operating system, database, web server, firewall and router, electronic trading / banking systems, etc.);
- Providing assurance over the operations and approach of management service providers in any outsourcing of the IT function;
- Establishing risk governance recommendations on emerging policies to support development of new procedures and methodologies to minimise risks.
- You will be expected to take a consultant's approach to the attest / assurance process of a client's operations utilising our practice methodology to assess our client's operations. You will be responsible for conveying pragmatic solutions to our client's complex business problems through the use of written reports and presentations. The opportunity will be available for you to develop your responsibility in supervising, coaching, developing and leading teams and individual team members.
Requirements:
- University degree majoring in accounting, business administration, information systems, computer science, engineering, statistics, accounting, and / or business administration;
- Professional qualifications: CISA, CISM, CISSP, CEH, CISP or other security related qualifications;
- Minimum of 5 years system design / implementation and / or security assessment / IT audit experience with a reputable professional / consulting firm or multi-national corporations; (Candidate with less years of experience will be considered for Senior Associate or Associate positions);
- Practical experience and working knowledge in two or more of the following - business & system processes review, IT auditing, information security management, IT / technology risk management, design and implementation of security solutions such as I&AM, DLP and SIEM, network and system penetration testing, application security testing and code review;
- Familiar with security and control for technologies / enterprise applications: Unix, Windows, Firewall, Routers, SAP, Oracle, Hyperion and/ or evaluating and implementing information security management, IT service management and IT governance framework using ISO27001, ISO20000, ITIL and COBIT respectively;
- Strong fluency in information technology general controls concepts in the areas of systems development, change management, computer operations and access to programs and data; ability to identify and assess business process controls and linkage to IT systems;
- Familiar with security and control for technologies: Unix, Windows, database, Firewall, Router, mobile technologies (e.g., IOS, Android), etc.;
- Excellent communication skills in both oral and written English and Chinese;
- Flexible, self-starter possessing intellectual curiosity;
- Ability to interact with executive levels of client and firm management;
- Effective project management, interpersonal and influencing skills are essential; and
- Flexibility to travel to out-of-town engagements.
公司介绍
普华永道中国大陆、香港、台湾及新加坡事务所已根据各地适用的法律协作运营。整体而言,员工总数逾14,000人,其中包括约620名合伙人。
无论客户身在何处,普华永道均能提供所需的咨询服务。我们拥有实务经验丰富、高素质的专业团队,聆听各种意见,帮助客户解决业务问题、抓紧机会,发掘每个商机;我们的行业专业化有助于就客户关注的领域共创解决方案。
我们分布于以下城市:北京、香港、上海、新加坡、台北、重庆、中坜、大连、广州、新竹、高雄、澳门、南京、宁波、青岛、深圳、苏州、台中、台南、天津、厦门及西安。
中国
www.pwccn.com/chi
(简体中文版)
www.pwccn.com
(英文版) 香港
www.pwchk.com
(英文版) 台湾
www.pwc.com/tw/zh
(繁体中文版)
www.pwc.com/tw/en
(英文版) 新加坡
www.pwc.com/sg
(英文版)
普华永道–全球成员机构网络
普华永道致力于提供切合各行业所需要的审计、税务及谘询服务,以提升客户的价值。我们在154个国家和地区超过161,000人的专业团队所组成的全球网络内,分享其思维成果,行业经验和解决方案,并为客户开拓新视野及提供实用的建议。
联系方式
- 公司网站:http://www.pwccn.com
- 联系人:人力资源部