Ensure that the organization and IT assets follow the security standard and governance especially for RD China. Monitor and identify vulnerabilities in systems, threats and issues, document it and track the remediation. Develop and implement cloud security strategies.
- Responsible for the governance of compliance with policies and processes to protect the confidentiality, integrity and availability of IT assets (information, data and IT services) within the organization.
- Responsible for organizational and technical controls
- Support in risk assessment and analysis and monitoring the implementation of risk control/minimization measures
- Identification of possible vulnerabilities in services and applications. Ordering and monitoring of penetration and assessment services. Document the results and ensure mitigation/minimization
- Assessing threats and developing appropriate security measures and assessing their effectiveness
- Assist businesspartners in information classification
- Coordination for security incidents and participation in incident response activities, including mitigation and remediation strategies
- Take care of actuality of disaster or application recovery plans
- Develop and conduct target group orientated awareness campaigns
- Define security controls derived from policies
- Ensure Information Security Management at RD China
Support Implementation and development of R&D systems and processes from security perspective
Professional Skills:
Deep understanding and experience on: IT Security, Risk Management, Compliance & Security Standards, Knowledge in all relevant Operating Systems, Data Protection
Knowledge of: Cloud Security, Network, Web Technologies, Database, IT operations (ITIL)
Experience with security frameworks, such as NIST, and ISO 27001.
Relevant certifications, CISA, CISSP
> 5 years experience with focus in areas of security governance and security operations
Education: Bachelor's degree and above in Computer Science encompassing Information Security
