51Testing软件测试论坛

 找回密码
 (注-册)加入51Testing

QQ登录

只需一步,快速开始

微信登录,快人一步

手机号码,快捷登录

查看: 2640|回复: 0
打印 上一主题 下一主题

[北京] 转发一个上海的猎头朋友招聘帖子-信息安全经理 -- 上海外企,不差钱!

[复制链接]

该用户从未签到

跳转到指定楼层
1#
发表于 2010-5-16 22:58:18 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
急聘:信息安全经理 -- 上海外企,不差钱!

置顶锁帖修改删除

Position – Manager / Lead Manager, Information Security Risk Management, SA&A薪水OPEN
Reporting To – Group Manager - Information Security Risk Management, SA&A

Number of years relevant experience – 6 to 10 years

Scope of responsibilities – APAC region ( China, Australia, rest of APAC)

Proposed Job Responsibilities –

1. Work with the local teams as part of SA&A Risk Management team to facilitate –
• Risk analysis of services and assets
• Implementation of risk mitigating controls
• Measurement of control effectiveness through metrics
• Effective closure of all internal/external audit observations
• Requirements sign off and UAT from security perspective, for IS applications owned by the concerned BEF or subsidiary specific internal applications.
• Implementation of controls for compliance with SOX, FISAP or equivalent requirements
2. Work with the delivery account / process teams within the subsidiary to facilitate –
• Assistance to delivery accounts to ensure and track compliance with contractual requirements from information security perspective
• Providing information security expert assistance for audit isit by customer/prospect
• Effective closure of all internal/external audit observations
• Measurement of control effectiveness through metrics at a delivery account level
• Providing information security expert assistance to delivery accounts for external audits e.g. ISO 27001, SAS70, PCI etc
3. Provide assistance to SA&A Risk Management Team activities e.g. creating security awareness in the subsidiary
4. Provide support and seek assistance from SA&A Audits & Assurance Team for scheduling internal systems and process audits.
5. Provide support and seek assistance from SA&A Engineering team for issues related to secure system/network configuration, secure technology evaluation and forensic investigation.
6. Provide support and seek assistance from SA&A Incident Management Team for issues related to security incident management.

Pre-requisites –

1. Must have information security implementation related experience of 6 to 10 years.
2. Must have good understanding of information security related standards like ISO 27001, PCI, COBIT
3. Relevant certifications like CISA, CISSP, CISM, ISO 27001 Lead Auditor, ISO 27001 Lead Implementer would be preferred.
4. Should have good understanding of basic concepts of networking, TCP/IP, Security issues in operating systems (e.g. Microsoft Windows), information security risks in networks, systems and processes etc.
5. Previous hands on experience in terms of IT systems integration, administration or network design etc. would be additional advantage.
6. Should have keen interest to learn about new trends in information security and ability to apply the knowledge to identify and mitigate new areas of risks.
7. Should have the ability to manage projects involving cross functional teams.
8. Should have excellent communications skills in English and Mandarin languages.
9. Should be a good team player since this involves working with geographically distributed teams.
10. Must have ability to understand IP laws and protection mechanisms in China and Australia.
11. Should have the ability to bring experience of progressive Information Security practices from the region.
12. Should have about 6 – 10 experience in working with multinational companies; with demonstrated ability to effectively interact in the region (Primarily China and Australia).

只要合要求,薪水都可以谈
单位地:上海浦东。张江
有意的朋友简历请投至: <!-- e -->hunter@wide-keen.com<!-- e -->
或MSN交流:lynnwq@live.cn
分享到:  QQ好友和群QQ好友和群 QQ空间QQ空间 腾讯微博腾讯微博 腾讯朋友腾讯朋友
收藏收藏
回复

使用道具 举报

本版积分规则

关闭

站长推荐上一条 /1 下一条

小黑屋|手机版|Archiver|51Testing软件测试网 ( 沪ICP备05003035号 关于我们

GMT+8, 2024-11-14 12:00 , Processed in 0.070675 second(s), 27 queries .

Powered by Discuz! X3.2

© 2001-2024 Comsenz Inc.

快速回复 返回顶部 返回列表