职位详情
五险一金
通讯津贴
领导好
发展空间大
技能培训
岗位晋升
弹性工作
带薪年假
Please note that this position is handled by the recruiter in Dalian, so the call will come from Dalian, Liaoning.
Job summary
The (Senior) Information Security Engineer is responsible for enhancing the security of the company’s IT infrastructure and its information by working together with internal IT and IS teams. In the long term, this position would be heavily involved with Dezan Shira’s external clients for providing IT security advisory services as well, once the internal information security situation has reached a high enough standard. Consistent customer care, quality standards, strong communication skill, and reporting requirements are core competencies for the position. Ability to quickly adapt to changing priorities and fluctuations in workflow are also requirements of the Information Security Engineer role.
Principal Responsibilities: (Essential Function)
Security Management
Auditing IT security level of all global offices and managing the information security threats associated with the operational environment
Reviewing existing IT infrastructure, locating weaknesses and developing improvement plans
Coordinating internal IT / IS team to implement security enhancement and mitigating security risk
Setting up and monitoring network and system baseline
Reviewing data backup strategy and plan, providing suggestions for improvement
Investigating, coordinating and addressing information security incidents
Performing penetration tests and forensic analysis
Risk Management
Communicating with senior management and other stake holders to understand the business solution, and creating risk management plans accordingly
Developing & reviewing Business Continuity Plan and Disaster Recovery Plan
Security Policy, procedure, guide
Creating security management systems via the analysis of business operations
Developing and carrying out security policies, procedures, and guides
Helping operation team to better comply with related security law & regulations, like Cyber Security Law of China or General Data Protection Regulation of EU
Reviewing and improving existing security control documents
ISO27001
Deeply involved in ISO27001 project to allow the company (or specific office) to be certified
Security awareness
Conducting and implementing information security awareness campaigns to all staff
Arranging the security related training to internal IT / IS team
Compliance
Tracking compliance to laws and regulations in IT field
Coordinating with legal and operational teams to identify compliance gaps and perform improvement actions
Client service
Providing IT security related advisory and implementation service to our clients
Performing IT Audit by coordinating with Audit team when needed
Other tasks
Occasionally providing IT support to local office staff as a backup role when local IT support team is temporarily not available.
Job Requirement
Skills
Good knowledge of IT domains such as networking, operation system, system software, infrastructure, and their common vulnerabilities
Hands-on experience with common security tools, system hardening, website protection, and a certain level of scripting / programming skill
Good working knowledge about IT security standards like ISO27001 / PCI-DSS / COBIT…etc., and common law & regulation in IT field, like GDPR, CSL, MLPS, and their impact on business operation
Knowledge and experience on cloud security / mobile security / ERP system / SQL database / IT audit will be a plus
Good verbal and written communication skills, must be able to use English as working language
Problem solving skills, organizational skills, and the ability to exercise sound judgment in any customer service scenario
The selected candidate must be good team player with self-motivation and have the ability to work independently with minimal direction
Willingness to travel and work beyond office hours in case of any urgent and important incidents
Education
Bachelor in IT or related discipline
CISSP / CISA /ISO27001 /Microsoft 365 or Azure certification will be a plus
Experience
3-5 years of experience in IT, with at least 2 years focus on information security
Working experience in multi-national company will be a plus
其他信息
语言要求:英语
行业要求:全部行业
所属部门:GIT&IS
公司介绍
Dezan Shira & Associates are a specialist foreign direct investment practice, providing legal, audit and tax services to multinationals investing in China, China Hong Kong, India & Vietnam.
Established in 1992, we are a ********Asia Regional practice with sixteen offices in these jurisdictions, employing almost 300 legal, accounting and audit professionals.
The advantages of working for us
Hectic but friendly and nourishing working environment where one’s ambitions and potential can grow and develop
Career advancement potential open to all levels
Possibilities to relocate to different offices
Being part of a successful and well known fast developing consulting firm in Asia
Additional background information on Dezan Shira & Associates can be found at ****************
We shall offer competitive packages to the right candidate and terrific career advancement opportunities.
工商信息
以下信息来自
注册地址
深圳市福田区福田街道岗厦社区福华三路88号财富大厦51B、51C、51D
统一社会信用代码
914403007576409583