Information Security Lead China
2 weeks ago
Smith + Nephew is seeking an experienced Information Security professional to take on a role as primary Security Lead for China operations. The successful candidate will provide in-country support and guidance to the local IT and Business teams, applying Global Information Security Strategy and Governance, and manage compliance with China Cybersecurity Law with plans for future Compulsory Product Certification System (CPCS) certification.
This role requires a strong, self-motivated individual who can represent Information Security in S+N China Operations, take a leading role in raising Information Security maturity, supported by the Global IS team.
Responsible for designing and assuring the security architecture of cloud-based solutions, working with solutions architects to apply the information security requirements to solutions and ensuring the correct approval and sign off processes are applied.
Responsible for guiding and supervising the security-related work of system administrators (including host system administrators, database administrators, network administrators, database administrators, application administrators, etc.) and ordinary users, related to security and in compliance with S+N Global Policies, Procedures and Standards.This includes the
Responsible for providing suggestions for the purchase of security products, responsible for organizing the formulation of various security product policies and configuration rules, and responsible for tracking the use of security products after production deployment
Responsible for coordinating local pen testing and ensuring vulnerabilities are remediated.
Responsible for regularly analyzing and auditing the log files of China hosted systems, network products and application systems, and reporting problems in time
Responsible for organizing the security risk assessment of the China hosted information systems. Ensuring that regularly scanning and reporting of system vulnerabilities is performed and issues remediated promptly
According to the company's information security needs, regularly put forward information security improvement suggestions, and report to the Governance Risk & Compliance Director and Chief Information Security Officer.
Regularly check the security bulletins of the information security site, track and research various information security vulnerabilities and attack methods, and make corresponding countermeasures in a timely manner when security vulnerabilities and attack methods that may affect information security are discovered, and notify and guide system administrators to carry out security precautions
Responsibilities:
35% Supporting the deployment of secure IT solutions
Assessing project security requirements
Working with IT and Business Teams to devise Security Architecture, primarily for Cloud solutions, in compliance with S+N Governance
Working with IT and Business Teams to deploy necessary Information Security Controls, in compliance with S+N Governance and best practice
35% Monitoring and enforcing compliance with S+N Information Security Governance
Monitoring IT operations and reporting security anomalies and failures
Monitoring Security Controls to ensure correct design and operation
Conducting Security Assessments and managing remedial activities
Reviewing system logs for unauthorized activities
Reporting on Information Security compliance
10% Managing CPCS certification
Leading CPCS cyber readiness analysis and remediation
Managing the ongoing certification maintenance program, once certified
5% Delivering local training and awareness
Conducting targeted local security training on current topics
10% Working with local IT and Business Teams to assess risks and register them in the S+N IT Risk Register
Holding Risk Forums and logging new risk in the SNOW IRM Risk Register
5% Supporting Cyber Incident Response
Informing the Security Operations team of any potential cyber incidents
Supporting the Security Operations team in analysis and remediation of incidents
Qualifications:
Bachelor's degree in a Computer Science or related field, or an equivalent combination of training and experience.
Must be fluent in English and Mandarin, reading, writing, speaking and listening.
Licenses/ Certifications:
One or more professional qualifications related to Information Security will be an advantage e.g. CISA, CISSP, CIPP or similar
Experience:
At least 10 years in Information Security with 3-5 years securing cloud environments
Prior experience in running compliance programs against China Cyber Security Law
Prior experience in CPCS certification would be an advantage
Prior experience running programs or projects will be an advantage
Prior experience managing third party partners
Prior experience in healthcare industry e.g. Medical Devices, Pharmaceuticals, will be an advantage
A basic understanding of current Chinese privacy law will be an advantage
Physical Demands:
The position requires the ability to:-
Work in an office or from home (as required) with a high degree of PC work and meeting attendance.
-
Shanghai, Shanghai, China Stryker Full timeWhy join Stryker?We are proud to be named one the World's Best Workplaces and a Best Workplace for Diversity by Fortune Magazine Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards –...
-
Senior Manager, Information Security
2 weeks ago
Shanghai, Shanghai, China VF Corporation Full timeLet's Talk about the Role The Cyber Security Senior Manager will support VF's Global Cyber Security Team by ensuring that information security risks associated with complex business operations are within acceptable tolerances. You will perform information security risk assessments, provide direction and guidance to stakeholders concerning the handling...
-
Information Security Analyst-Senior I
2 weeks ago
Shanghai, Shanghai, China FedEx Full timeEducation: Bachelor's degree in Engineering, Computer Science, Electronics and Mathematics orrelated disciplineExperience: Five (5) years of work experience in information security, including two (2) years with appropriate operating systems/softwareEducation: Bachelor's degree in Engineering, Computer Science, Electronics and Mathematics orrelated...
-
Shanghai, Shanghai, China Philips Full timeJob TitleProduct Security Professional – Greater China MarketJob DescriptionJob DescriptionThe Product Security Professional will be responsible for advancing the practice of product security risk assessment and design across Business Units in Greater China Market. The role will require influence through collaboration with Q&R, R&D, Sales, Service and RA...
-
Product Security Professional – Greater China Market
2 months ago
Shanghai, Shanghai, China Philips Full timeJob TitleProduct Security Professional – Greater China MarketJob DescriptionJob DescriptionThe Product Security Professional will be responsible for advancing the practice of product security risk assessment and design across Business Units in Greater China Market. The role will require influence through collaboration with Q&R, R&D, Sales, Service and RA...
-
Security Manager
2 weeks ago
Shanghai, Shanghai, China ASML Full timeDescription Collaborate and support our business stakeholders on information security inquiries and embedding information security in the 1st line; Translate security requirements from our security policies delivered by the 2nd line of responsibility (RBA), into practical guidance and balance this with business needs; Coordinate and execute security...
-
Information & Cybersecurity Consultant
1 month ago
Shanghai, Shanghai, China Continental Full timeContinental is a leading technology company that focuses on creating innovative solutions for sustainable and connected mobility. With a rich history dating back to 1871, Continental is dedicated to providing safe, efficient, and affordable products for vehicles, machines, traffic, and transportation. The company generated sales of €33.8 billion in 2021...
-
Information & Cybersecurity Consultant
4 weeks ago
Shanghai, Shanghai, China Continental Full timeContinental is a leading technology company that focuses on creating innovative solutions for sustainable and connected mobility. With a rich history dating back to 1871, Continental is dedicated to providing safe, efficient, and affordable products for vehicles, machines, traffic, and transportation. The company generated sales of €33.8 billion in 2021...
-
Senior Cyber Security Analyst
4 weeks ago
Shanghai, Shanghai, China Philips Full timeJob TitleSenior Cyber Security AnalystJob DescriptionSenior Cyber Security AnalystWe are seeking a highly skilled and experienced Senior Cyber Security Analyst to join our Group Security organization in China. The ideal candidate will be responsible for participating in daily Security Operations Center (SOC) incidents, as well as longer term activities...
-
Senior Cyber Security Analyst
2 months ago
Shanghai, Shanghai, China Philips Full timeJob TitleSenior Cyber Security AnalystJob DescriptionSenior Cyber Security AnalystWe are seeking a highly skilled and experienced Senior Cyber Security Analyst to join our Group Security organization in China. The ideal candidate will be responsible for participating in daily Security Operations Center (SOC) incidents, as well as longer term activities...
-
Cyber Security Product Manager
2 weeks ago
Shanghai, Shanghai, China Bureau Veritas Group Full timeResponsibilities: In charge of overseeing the entire Industrial Cyber Security service development process and responsible for yearly service revenue Ensure BV China Operations' compliance with product accreditation and related regulations, and contribute to international accreditations management Aid in crafting the marketing and sales strategy for...
-
Information Security Consulting Manager
1 month ago
Shanghai, Shanghai, China Logicalis Full timeWhy choose Logicalis? As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer...
-
Information Security Consulting Manager
2 weeks ago
Shanghai, Shanghai, China Logicalis Full timeWhy choose Logicalis? As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer...
-
Information Security Consulting Manager
4 weeks ago
Shanghai, Shanghai, China Logicalis Full timeWhy choose Logicalis? As Architects of Change, Logicalis' focus is to design, support and execute clients' digital transformation by uniting their vision with their technology expertise and industry insights. The company, through its deep understanding of key IT industry drivers such as security, cloud, data management and IoT, can address customer...
-
Shanghai, Shanghai, China Marriott International Full timeJOB DESCRIPTIONLead and oversee the security architecture and engineering team for the Greater China region. Certification of Security Control attestations and assessment of control implementation to grant Approval for new infrastructure, services, applications, and processes in Marriott's Production Environments. Utilize Security Engagement processes,...
-
Cyber Security Consultant
2 weeks ago
Shanghai, Shanghai, China Majorel Corporate Full timeCyber Security Consultant - ShanghaiDu willst ein Team, das voll und ganz hinter dir steht? Das und viel mehr findest du bei uns.--> Full Time With Professional Experience We're hiring at our location in Shanghai Cyber Security Consultant - Shanghai AboutMajorel has been acquired by Teleperformance, allowing us to deliver even more exceptional services...
-
Senior Security Engineer
2 weeks ago
Shanghai, Shanghai, China Riot Games Full timeResponsibilities: Manage and maintain the measurement to monitor and report on the control effectiveness in all information security area in China Ensure the local security governance fulfillment, e.g. MLPS Conduct security risk management tasks and collaborate with teams of different functions to encourage the security concept across the business...
-
Assistant Manager, IT Security
2 weeks ago
Shanghai, Shanghai, China PUMA Full timeYOUR MISSIONThreat Assessment and Management: Continuously monitor and evaluate the IT environment for potential security threats and vulnerabilities. Implement measures to prevent, detect, and respond to cyber incidents.Policy Development and Enforcement: Develop, implement, and maintain company-wide IT security policies and procedures. Ensure these are in...
-
Cyber Security Engineer
1 month ago
Shanghai, Shanghai, China ZF Group Full timeReq ID 64867 Shanghai, China We are currently expanding our R&D teams and looking for new colleagues who will join our team in Shanghai.Your tasks:Support the implementation of cyber security processes at CVS with the guide of a Cyber Security coach Keep CVS up-to-date regarding cyber security trends and emerging technologies Interacting with customers and...
-
Cyber Security Engineer
2 weeks ago
Shanghai, Shanghai, China ZF Group Full timeReq ID 64867 Shanghai, China We are currently expanding our R&D teams and looking for new colleagues who will join our team in Shanghai.Your tasks:Support the implementation of cyber security processes at CVS with the guide of a Cyber Security coach Keep CVS up-to-date regarding cyber security trends and emerging technologies Interacting with customers and...