Cyber Compliance Manager


Xuhui Qu, China Boston Consulting Group Full time
WHAT YOU'LL DO
Under the general direction of GC BISO or delegate and working with other IT, BST, etc. throughout the firm, the role will perform the following functions:
Participate as an integral part of the Security Team in general:
  • Responsible for conducting internal IT, Cybersecurity, and third-party information security risk management activities for various information services systems and processes including IT SOX compliance.
  • Responsible for security product management of Local initiatives and third-party services.
  • Responsible for China initiative project follow up and risk escalation.
  • Support regulatory compliance audits relating to SOX in-scope systems, especially SAP.
  • Responsible for implementation of controls within the Information Security Strategy and Governance program, monitoring, remediation, and reporting of controls gaps in the IT and Cybersecurity program areas. Provide management level status update and risk profile dashboards including current and desired future state of control maturity.
  • Articulate risks identified from various sources (IT service providers, third parties, risk assessments, vulnerability scans and pen tests) in terms of business impact, and keep the risk register up to date with all new risk information and changes.
  • Assess, report and mature the compliance posture for internal policies and guidelines as well as regulatory requirements based on frameworks including NIST CSF, ISO, SOC, CSL/MLPS 2.0, etc.
  • Maintain, improve, and enforce BCG security policies and IT security standards along with security exception processes.
  • Effectively engage IT, stakeholders, business partners, and vendors to maintain an understanding of current risks, new systems, and changes to the environment; and to agree a mitigation plan, a remediation strategy and appropriate timelines for any issues found.
  • Conduct and support vendor security assessments.
  • Assist and support the Global Senior Director of Information Security Strategy and Governance by bolstering detailed business and technical coordination in critical projects.
  • Provide security awareness training and design training framework.
Maintain up-to-date knowledge of the cyber security industry as it relates to BCG including:
  • Cyber compliance
  • Standards, regulations and legislation.
  • Security awareness
  • Technologies and solutions
  • Industry best practices
  • Client requirements and concerns

YOU'RE GOOD AT
  • Technical and functional expertise
    • Understanding of information security concepts including: cloud security and compliance, encryption, access controls, intrusion detection and prevention, disaster recovery, network security, security operations, security architecture.
    • Must have previous career development experience which has provided management skills, motivational skills, interpersonal skills, and outstanding organizational effectiveness.
    • Knowledge of the legal and regulatory landscape related to security and privacy in an international environment.
    • Very strong business sense with ability to relate technology issues to business.
  • Problem solving, analytical skills and decision making
    • Requires strong analytical skills and abilities including an extensive knowledge of software, database, operating systems, client server architecture and voice and data communication services and facilities, security and privacy, in an international setting.
    • Collect, review, and analyze various metrics, which help to measure and monitor systems, departmental performance, and quality. Discern and analyze trends.
    • Review and prepare monthly status reports and statistics
    • Manage group and project budgets
  • Communication, interpersonal and teaming skills
    • Outstanding verbal and written communications skills are a must because of the requirement to represent BCG in communications with clients.
    • Calm demeanor, grace under fire, outstanding listening skills
  • Leadership, impact and change
    • High level of initiative and self-motivation, resourceful, and patient with an iterative process
    • Ability to gain trust and commitment of others at different levels of the organization
    • Proven ability to challenge traditional ways of operating and move beyond the obvious
    • Translates BCG’s broader strategic objectives and cascades these into own work plans, metrics and team work plans
    • Works effectively with significant ambiguity and fluctuating priorities and constraints
  • Work management, organization and planning
    • Ability to evaluate and prepare detailed project plans for technology projects that will be implemented across the business. Manage local and global technology problems and direct staff in resolution of such problems. Evaluate and advise on the technology and systems components associated with projects adopted by BCG corporate and offices.
    • Ability to monitor projects and direct staff to ensure projects are aligned with the strategic objectives of the business.
  • Customer and business focus
    • Focuses on the most critical issues that have the highest impact on the organization and business needs
    • Working mode: “enabling”, “value adding” and “expanding”.
    • Treats all others with respect; generate trust.
  • People management
    • This position requires interaction with BCG Partners, BCG Case Team staff, client legal and security staff, Administrative Management, vendors, IT Management and Staff, Legal Department, Finance, Vendors, etc. Very strong relationship skills are essential. Excellent Leadership and teaming skills are required.
  • Values and ethics
    • Strong sense of confidentiality and integrity.
    • Treats others with respect and generates trust.
    • Establish relationships based on respect, trust and integrity.

YOU BRING (EXPERIENCE & QUALIFICATIONS)
• Bachelor’s degree (or equivalent).
• Minimum 5 years of information security experience, with a very strong cyber compliance background
• Significant information security and risk management experience in a multinational enterprise
• Experience working with and implementing GRC tools and processes.
• Hands-on working experience and deep insight into security control requirements.
• Experience building and developing successful risk management programs.
• Experience with vendor management and conducting third-party risk assessments.
• Experience creating and maintaining security policy, standard, guideline, and procedure documents.
• Extensive knowledge and experience in security and compliance frameworks such as NIST, ISO, SOX etc.
• Experience in facilitating and performing third-party vendor risk assessments with the ability to provide guidance on secure design and operation.
• Security certification such as CRISC, CISSP, CISM, CISA or equivalent is a plus.
• Fluent in both oral and written English.

YOU'LL WORK WITH
BCG’s information technology group collaboratively delivers the latest digital technologies that enable our consultants to lead and our business to grow. For our IT jobs, we seek individuals with expertise in the areas of IT infrastructure, application development, business systems, collaborative and social technologies, information security, and project leadership.
