作者 |
[原创]外资急!招聘:Information Security Risk Management, Manager |
|
shzhaopin007
头衔: 海归中尉 性别: 年龄: 44 加入时间: 2010/07/04 文章: 57 来自: shanghai 海归分: 6357
|
|
作者:shzhaopin007 在 海归招聘 发贴, 来自【海归网】 http://www.haiguinet.com
Information Security Risk Management, Manager / Lead Manager, SA&A---上海
Proposed Job Responsibilities:
• Work with the local teams as part of SA&A Risk Management team to facilitate -
• Risk analysis of services and assets
• Implementation of risk mitigating controls
• Measurement of control effectiveness through metrics
• Effective closure of all internal/external audit observations
• Requirements sign off and UAT from security perspective, for IS applications owned by the concerned
• BEF or subsidiary specific internal applications.
• Implementation of controls for compliance with SOX, FISAP or equivalent requirements
• Work with the delivery account / process teams within the subsidiary to facilitate -
• Assistance to delivery accounts to ensure and track compliance with contractual requirements from
information security perspective
• Providing information security expert assistance for audit/visit by customer/prospect
• Effective closure of all internal/external audit observations
• Measurement of control effectiveness through metrics at a delivery account level
• Providing information security expert assistance to delivery accounts for external audits e.g. ISO
27001, SAS70, PCI etc
• Provide assistance to SA&A Risk Management Team activities e.g. creating security awareness in the subsidiary
• Provide support and seek assistance from SA&A Audits & Assurance Team for scheduling internal systems and process audits.
• Provide support and seek assistance from SA&A Engineering team for issues related to secure system/network configuration, secure technology evaluation and forensic investigation.
• Provide support and seek assistance from SA&A Incident Management Team for issues related to security incident management.
Pre-requisites:
• Must have information security implementation related experience of 6 to 10 years.
• Must have good understanding of information security related standards like ISO 27001, PCI, COBIT
• Relevant certifications like CISA, CISSP, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead mplementer would be preferred.
• Should have good understanding of basic concepts of networking, TCP/IP, Security issues in operating systems (e.g. Microsoft Windows), information security risks in networks, systems and processes etc.
• Previous hands on experience in terms of IT systems integration, administration or network design etc. would be additional advantage.
• Should have keen interest to learn about new trends in information security and ability to apply the knowledge to identify and mitigate new areas of risks.
• Should have the ability to manage projects involving cross functional teams.
• Should have excellent communications skills in English and Mandarin languages.
• Should be a good team player since this involves working with geographically distributed teams.
• Must have ability to understand IP laws and protection mechanisms in China and Australia.
• Should have the ability to bring experience of progressive Information Security practices from the region.
•Should have about 6 - 10 experience in working with multinational companies; with demonstrated ability to effectively interact in the region (Primarily China and Australia).
工作地: 上海
有意的朋友简历请投至:[email protected]
联系人: CiCi (Consultant)
Msn: [email protected]
收到简历后,会在24小时内回复。
作者:shzhaopin007 在 海归招聘 发贴, 来自【海归网】 http://www.haiguinet.com
|
|
|
返回顶端 |
|
|
|
- [原创]外资急!招聘:Information Security Risk Management, Manager -- shzhaopin007 - (3415 Byte) 2010-7-05 周一, 17:38 (1270 reads)
|
|
|
您不能在本论坛发表新主题, 不能回复主题, 不能编辑自己的文章, 不能删除自己的文章, 不能发表投票, 您 不可以 发表活动帖子在本论坛, 不能添加附件可以下载文件, |
|
|