职位&公司对比

职位详情

• 上海
• 1-3年
• 本科

• 数据安全管理经验
• IT审计经验
• 熟悉ISO27001标准
• 信息安全合规
• 制造业
• 供应商信息安全合规

Information Security Specialist Description ●Maintain an information management and protection framework for an effective global supply chain-wide governance program. ●Identify, track, and oversee internal and external compliance and regulatory requirements (PCI, Data Privacy, etc.) for the global supply chain including compliance with established policies, procedures, standards, baselines, and controls. ●Manage day-to-day security activities, including conducting vendor security aBOSS直聘ssessments and privacy security assessments, implementing company policies, and communicating related to the inbossformation security program. ●Handling Information Security Management, addressing information security threats and incidents within global supply chain, and driving remediation. ●Manage information security awareness programs and provide training to all production office staff. ●Guide and support staff and provide security training and awareness programs to promote a culture of security and best practices within the organization. ●Assist other ISO members to respond to security incidents in global supply chain (personal/confidential information, system hacking, local employee information leakage, information breach, store physical security, customer center security) 任职资格 Language Mustboss：Fluency in Chinese and English, be able to speak and utilize it in daily work. *Nice to have in Japanese (English: CET6 / TOEIC 700 or above level.) Experience Technical skills: ●At least 3 years of experience in a cybersecurity role, with a focused experience in risk assessment, compliance and training. ●Knowledge and Experience in information security governance frameworks such as ISO27001 (and ISO27701 framework, NIST CSF, etc.) ●Knowledge and Experience in information security incident response. ●Experience in developing and enforcing security policies and procedures. ●Knowledge in Operation Technologies systems and their security implications. ●Knowledge in global supply chain management. ●Excellent communication skills to convey complex security concepts to technical and non-technical stakeholders. ●A proactive and adaptable mindset, with a willingness to stay updated on emerging threats and technologies. ●Understanding and ability of risk analysis for cyber threats. (Preferred) ●Other technical and/or security certifications are prefBOSS直聘erred. (e.g. CISA, CISM, CISSP, SANS, GIAC, etc.). (Preferred). Education, skills, and abilities: ●Educational Background: IT, Security, Audit, Computer Science or other related majors. ●Excellent communication skills. ●Ability to multitask, prioritize work effectively, and manage tasks/projects to completion. ●Ability to work independently and within a team environment. ●Highly motivated and strong sense of responsibility and ownership. ●Willingness and ability to travel globally up to 50% (mostly China and ASEAN). Career Path Personal growth within the Information Security Office in China and other foreign locations and broadening career to a wide range of opportunities depending on the candidates’ ability, aptitude, and motivation.