Information Security Lead China

4 weeks ago

Shanghai, China Smith+Nephew Full time

Smith + Nephew is seeking an experienced Information Security professional to take on a role as primary Security Lead for China operations. The successful candidate will provide in-country support and guidance to the local IT and Business teams, applying Global Information Security Strategy and Governance, and manage compliance with China Cybersecurity Law with plans for future Compulsory Product Certification System (CPCS) certification.

This role requires a strong, self-motivated individual who can represent Information Security in S+N China Operations, take a leading role in raising Information Security maturity, supported by the Global IS team.

Responsible for designing and assuring the security architecture of cloud-based solutions, working with solutions architects to apply the information security requirements to solutions and ensuring the correct approval and sign off processes are applied.

Responsible for guiding and supervising the security-related work of system administrators (including host system administrators, database administrators, network administrators, database administrators, application administrators, etc.) and ordinary users, related to security and in compliance with S+N Global Policies, Procedures and Standards.This includes the

Responsible for providing suggestions for the purchase of security products, responsible for organizing the formulation of various security product policies and configuration rules, and responsible for tracking the use of security products after production deployment

Responsible for coordinating local pen testing and ensuring vulnerabilities are remediated.

Responsible for regularly analyzing and auditing the log files of China hosted systems, network products and application systems, and reporting problems in time

Responsible for organizing the security risk assessment of the China hosted information systems. Ensuring that regularly scanning and reporting of system vulnerabilities is performed and issues remediated promptly

According to the company's information security needs, regularly put forward information security improvement suggestions, and report to the Governance Risk & Compliance Director and Chief Information Security Officer.

Regularly check the security bulletins of the information security site, track and research various information security vulnerabilities and attack methods, and make corresponding countermeasures in a timely manner when security vulnerabilities and attack methods that may affect information security are discovered, and notify and guide system administrators to carry out security precautions

Responsibilities:

35% Supporting the deployment of secure IT solutions

 - Assessing project security requirements

 - Working with IT and Business Teams to devise Security Architecture, primarily for Cloud solutions, in compliance with S+N Governance

 - Working with IT and Business Teams to deploy necessary Information Security Controls, in compliance with S+N Governance and best practice

35% Monitoring and enforcing compliance with S+N Information Security Governance

 - Monitoring IT operations and reporting security anomalies and failures

 - Monitoring Security Controls to ensure correct design and operation

- Conducting Security Assessments and managing remedial activities

 - Reviewing system logs for unauthorized activities

 - Reporting on Information Security compliance

10% Managing CPCS certification

 - Leading CPCS cyber readiness analysis and remediation

 - Managing the ongoing certification maintenance program, once certified

5% Delivering local training and awareness

 - Conducting targeted local security training on current topics

10% Working with local IT and Business Teams to assess risks and register them in the S+N IT Risk Register

 - Holding Risk Forums and logging new risk in the SNOW IRM Risk Register

5% Supporting Cyber Incident Response

 - Informing the Security Operations team of any potential cyber incidents

 - Supporting the Security Operations team in analysis and remediation of incidents

Qualifications:

Bachelor’s degree in a Computer Science or related field, or an equivalent combination of training and experience.

Must be fluent in English and Mandarin, reading, writing, speaking and listening.

Licenses/ Certifications:

One or more professional qualifications related to Information Security will be an advantage e.g. CISA, CISSP, CIPP or similar

Experience:

At least 10 years in Information Security with 3-5 years securing cloud environments

Prior experience in running compliance programs against China Cyber Security Law

Prior experience in CPCS certification would be an advantage

Prior experience running programs or projects will be an advantage

Prior experience managing third party partners

Prior experience in healthcare industry e.g. Medical Devices, Pharmaceuticals, will be an advantage

A basic understanding of current Chinese privacy law will be an advantage

Physical Demands:

The position requires the ability to:-

Work in an office or from home (as required) with a high degree of PC work and meeting attendance.

  • Information Security Lead China

    2 weeks ago

    Shanghai, Shanghai, China Smith+Nephew Full time

    Smith + Nephew is seeking an experienced Information Security professional to take on a role as primary Security Lead for China operations. The successful candidate will provide in-country support and guidance to the local IT and Business teams, applying Global Information Security Strategy and Governance, and manage compliance with China Cybersecurity Law...

  • Director, Information Security Officer, Greater China

    1 week ago

    Shanghai, China Coca Cola Full time

    Description Summary: Position Overview: The Information Security Officer, GCM at The Coca-Cola Company will be a part of the Global Cybersecurity function under the Regional Information Security team. In this role you will lead or be a key coordinator of security initiatives to improve the security posture of the Greater China Operating Unit (OU),...

  • Lead Security Analyst, Quality and Security Awareness, China Security

    2 weeks ago

    Shanghai, Shanghai, China Stryker Full time

    Why join Stryker?We are proud to be named one the World's Best Workplaces and a Best Workplace for Diversity by Fortune Magazine Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards –...

  • Lead Security Analyst, Quality and Security Awareness, China Security

    4 weeks ago

    Shanghai, China Stryker Full time

    Why join Stryker?We are proud to be named one the World’s Best Workplaces and a Best Workplace for Diversity by Fortune Magazine! Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards...

  • Senior Manager, Information Security

    2 weeks ago

    Shanghai, Shanghai, China VF Corporation Full time

    Let's Talk about the Role The Cyber Security Senior Manager will support VF's Global Cyber Security Team by ensuring that information security risks associated with complex business operations are within acceptable tolerances. You will perform information security risk assessments, provide direction and guidance to stakeholders concerning the handling...

  • Asia-Pacific Regional Information Security Officer

    2 days ago

    Shanghai, China Informa Global Support Full time

    Job DescriptionKey Areas of Responsibility/AccountabilityHave region-specific understanding of the critical business assets, risks and mitigation plansDrive region-specific control implementations or special programmes, where deemed necessary based on risk assessments or local regulatory requirementsDefine and embed security-by-design principles across...

  • Asia-Pacific Regional Information Security Officer

    3 days ago

    Shanghai, China Informa PLC Full time

    Job Description Key Areas of Responsibility/Accountability Have region-specific understanding of the critical business assets, risks and mitigation plans Drive region-specific control implementations or special programmes, where deemed necessary based on risk assessments or local regulatory requirements Define and embed security-by-design principles...

  • China Securities Company

    3 days ago

    Shanghai, China JPMorgan Chase Full time

    Job Summary: As an Equity Research Translator, you will be part of China Publishing Team, which consists of Supervisory Analysts, Research Reviewers, Translators, and Production Specialists. You will provide accurate, clear and professional translation for Equity Research business. About our Securities Company China represents one of the largest...

  • Information Security Analyst-Senior I

    4 weeks ago

    Shanghai, China FedEx Full time

    Education: Bachelor's degree in Engineering, Computer Science, Electronics and Mathematics orrelated disciplineExperience: Five (5) years of work experience in information security, including two (2) years with appropriate operating systems/softwareEducation: Bachelor's degree in Engineering, Computer Science, Electronics and Mathematics orrelated...

  • Information Security Analyst-Senior I

    2 weeks ago

    Shanghai, Shanghai, China FedEx Full time

    Education: Bachelor's degree in Engineering, Computer Science, Electronics and Mathematics orrelated disciplineExperience: Five (5) years of work experience in information security, including two (2) years with appropriate operating systems/softwareEducation: Bachelor's degree in Engineering, Computer Science, Electronics and Mathematics orrelated...

  • Associate Manager, Vuln mgmt

    4 weeks ago

    Shanghai, China Stryker Full time

    Why join Stryker?We are proud to be named one the World’s Best Workplaces and a Best Workplace for Diversity by Fortune Magazine! Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards...

  • Product Security Professional – Greater China Market

    4 weeks ago

    Shanghai, Shanghai, China Philips Full time

    Job TitleProduct Security Professional – Greater China MarketJob DescriptionJob DescriptionThe Product Security Professional will be responsible for advancing the practice of product security risk assessment and design across Business Units in Greater China Market. The role will require influence through collaboration with Q&R, R&D, Sales, Service and RA...

  • GCR Security Solution Go-To-Market Lead

    4 weeks ago

    Shanghai, China Microsoft Full time

    Overview The Sales Enablement & Operations (SE&O) team plays an essential role translating Microsoft’s Commercial Strategy to a local execution plan and driving operational excellence to achieve the greatest results possible. Our team drives cross-company, cross-Area and cross-Subsidiary insight and execution excellence, bringing strategy and...

  • Security Manager

    2 weeks ago

    Shanghai, Shanghai, China ASML Full time

    Description Collaborate and support our business stakeholders on information security inquiries and embedding information security in the 1st line; Translate security requirements from our security policies delivered by the 2nd line of responsibility (RBA), into practical guidance and balance this with business needs; Coordinate and execute security...

  • Information & Cybersecurity Consultant

    4 weeks ago

    Shanghai, China Continental Full time

    Job Description As the Information & Cybersecurity Consultant, you will: Leads and participate in security projects ensuring alignment with business goals and compliance requirements. Perform thorough security assessments (penetration tests), identify vulnerabilities and design effective strategies to mitigate risks. Collaborate with and consult...

  • Security Manager

    4 weeks ago

    Shanghai, China ASML Full time

    Description Collaborate and support our business stakeholders on information security inquiries and embedding information security in the 1st line; Translate security requirements from our security policies delivered by the 2nd line of responsibility (RBA), into practical guidance and balance this with business needs; Coordinate and execute...

  • Information & Cybersecurity Consultant

    4 weeks ago

    Shanghai, Shanghai, China Continental Full time

    Continental is a leading technology company that focuses on creating innovative solutions for sustainable and connected mobility. With a rich history dating back to 1871, Continental is dedicated to providing safe, efficient, and affordable products for vehicles, machines, traffic, and transportation. The company generated sales of €33.8 billion in 2021...

  • Senior Security Analyst, Threat Hunting, China Security

    4 weeks ago

    Shanghai, China Stryker Full time

    Why join Stryker?We are proud to be named one the World’s Best Workplaces and a Best Workplace for Diversity by Fortune Magazine! Learn more about our award-winning organization by visiting Our total rewards package offering includes bonuses, healthcare, insurance benefits, retirement programs, wellness programs, as well as service and performance awards...

  • Product Security Professional – Greater China Market

    4 weeks ago

    Shanghai, China Philips Full time

    Job TitleProduct Security Professional – Greater China MarketJob DescriptionJob DescriptionThe Product Security Professional will be responsible for advancing the practice of product security risk assessment and design across Business Units in Greater China Market. The role will require influence through collaboration with Q&R, R&D, Sales, Service and...

  • Information & Cybersecurity Consultant

    2 weeks ago

    Shanghai, China Continental Full time

    Continental develops pioneering technologies and services for sustainable and connected mobility of people and their goods. Founded in 1871, the technology company offers safe, efficient, intelligent and affordable solutions for vehicles, machines, traffic and transportation. In 2021, Continental generated sales of €33.8 billion and currently employs more...