(senior)lead security specialist in shanghai

posted
job type
contract
salary
CNY 30,000 per year
apply now

job details

posted
location
shanghai
job category
Geosciences
job type
contract
salary
CNY 30,000 per year
experience
不限
reference number
30478
apply now

job description

This role is responsible for the design, build/develop, test, implement and support enterprise (mainly global) security solutions to ensure the quality, timing, budget, compliance in delivery, together with LAS/AS/Partners and all involved parties including external consulting and vendors. ? Develop security solutions and manage enterprise security services for medium to complex assignments, work on multiple projects as a team member or technical lead ? Provide strategic and tactical directions and consulting on information security and compliance ? Support service-level-agreements (SLAs) to ensure that security controls are managed and maintained ? Monitor compliance with security policies, standards, guidelines and procedures, ensure security compliance with legal and regulatory standards ? Work directly with customers/partners to gather a full understanding of project scope and business requirements, work closely with IT and development teams to design secure solutions and applications, facilitating the implementation of protective and mitigating controls ? Works directly with the clients, 3rd parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk ? Coordinates the development of disaster recovery test plans, testing, and documentation for each application, engage applications and system management in disaster recovery testing, objectives and auditing, participant in and plans recovery drills ? Defines security configuration and operations standards for security systems and applications ? Provides responsive support for problems found during normal working hours as well as outside normal working hours ? Lead and respond to security incidents and investigations and targets reviews of suspect areas, identify and resolve root causes of security related problems ? Evaluate and recommends tools and solutions that provide security functions ? Serve in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensures that security controls are implemented as planned ? Provide ongoing knowledge transfer to team members and clients on security products and standards, coach less-experienced team members Skills: ? Expertise in the field of information systems security, including areas like Identity and Access Management, Information Protection, Cyber Security, Infrastructure Security, Application/Platform Security, Compliance, etc. ? Expertise in Security technology/products like Windows Servers, Active Directory, Active Directory Federation Services (ADFS), Public Key Infrastructure (PKI), Microsoft BitLocker Administration Management (MBAM), Privileged Account Solution (Cyber Ark), Tivoli Identity Management, etc. Not only on Windows Platform but also Unix/Linux is preferred ? Expertise in Cloud and Cloud Security especially on Microsoft Azure Cloud, including Azure AD/SSO, Azure MFA, Azure RMS, Key Vault/Disk Encryption, Microsoft Cloud Application Security, Security Center, OMS, O365 Security, etc. ? Good interpersonal skills and communication in English (Spoken/Written) Education/Experiences: ? Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience ? Typically requires 5-7 years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and 1-3 years of experience with IT security ? Working knowledge of security issues, techniques and implications across computer platforms ? Experience designing and implementing security solutions ? Optional to have Security Certification (i.e., Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP))