Information Security and Data Privacy Leader
Save job
Salary Negotiable
Location Shanghai
FULL_TIMEConsultant Roxy Chen
JobRef 1188210/001
Date posted 10 January 2023
shanghai tech-transformation/it-security 2023-01-10 2023-03-11 it Shanghai CN Robert Walters https://www.robertwalters.cn https://www.robertwalters.cn/content/dam/robert-walters/global/images/logos/web-logos/square-logo.png true
Our client is looking for an Information Security and Data Privacy Leader in Shanghai.
Key Responsibilities:
- Perform Information Security risk assessments for new local solutions based on the company Range & Supply ISDP baseline, to evaluate the effectiveness of controls; develop follow-up action plans for identified gaps identified; provide the necessary follow-up to closure
- Perform Information Security risk assessments for existing and new global solutions regarding cross-border data transfer, evaluate the effectiveness of controls; develop follow-up action plans for identified gaps identified; provide the necessary follow-up to closure
- Perform Information Security risk assessments for high-risk vendor engagement and controls assessments for applications/ platforms
- Perform control risk assessments for environments, including cloud-based applications and public cloud infrastructure
- Provide associated analysis, reporting and metrics for assessments
- Work together with ISDP Leader on Multi-level Protection Scheme (MLPS) program for applicable local solutions, including self-assessment and remediation follow-ups, external testing agency communication and etc.
- Work together with ISDP Leader on enhancement of assessment questionnaire(s), assessment process documentation and templates
- Exercise data privacy related compliance risk analysis to support business decision making and business operation
- Work together with ISDP Leader to handle and resolve local security incidents
- Work together with ISDP Leader on internal ISDP awareness and training program
Key Requirements:
- Education: Bachelor of Engineering or equivalent, majoring in Computer Sciences or engineering, or information security preferred
- Experience: Minimum 4 years of IT experience, out of which 2 years with IT Security and Data Privacy Protection
- Experience with Information Security and/or Technology Risk Management, servicing retail industry is a plus
- Ability to assess Information Security controls with respect for on premise and cloud-based applications / infrastructure
- Strong understanding of applicable and accepted security and audit frameworks (such as COBIT and ISO), laws and regulations (China Cybersecurity Law, GDPR) & IT general controls
- Certifications: Information Security, risk management and data privacy related certification (e. g. CISA, CISM, CISP, CISSP and etc.) will be a plus
- Continuously striving for excellence and simplicity
- Enabling change
- Safeguarding company’s interest as a totality
- Governance and compliance
- Strong communication skills are a must. The resource should be able to effectively communicate with cross-functional teams and vendors, both written and oral communication is critical
- Fluency (written, spoken and read) in Mandarin Chinese and English; the ability to understand and translate technical documentation from Mandarin Chinese to English, vice versa is required
- Excellent project management skills
- Self-driven and multitask handling
Similar jobs
-
Salary: CNY600000 - CNY800000 per annumLocation: ShanghaiDate posted: 30 January 2023This position is to focus on building and improving specific customer-facing apps using modern platforms such as Azure, AWS, .Net(Core), VueJS, Micro-Service architecture, DevOps and other web frameworks. We are searching for a self-driven, enthusiastic Digital Products Architect with a proven track record in both technical expertise and good communication skills in Mandarin and English.
