招聘岗位:高级信息安全经理
发布时间:2011年2月15日
ESSENTIAL DUTIES & RESPONSIBILITIES:
1. Information Security Management -100%
- Define the strategy and plan to improve the organization security levels
- Evaluate the organization security risks and make plan for mitigation
- Conduct BCM analysis and define the BCP.
- Educate and train the staff to be aware about the security process
- Establish the measurement system to evaluate the effectiveness of security controls
- Lead and coordinate with other department to implement the security controls.
- Work closely with IT department to monitor security events for computer virus, hacking, security breaches and malicious activities
- Work closely with IT department to deal with security incidents and develop prevention plan
- Provide suggestion/ solution according to customer security requirements and work closely with related team to Implement it
- Monitor the security bulletin to know the new security vulnerability, evaluate the risk and implement the controls
- Improve the security process based on the business needs
- Implement internal security audit and cooperate with external auditors or customer for external audit
- Integrate customer security requirements into company security process, define specific security policy for new ODC team
- Implement new security standard like PCI, SAS70, SOX to meet organization business goal
REQUIRED QUALIFICATIONS:
1) Competencies: Skills, knowledge, & abilities
Functional Competencies:
- Good understanding of security management systems and knowledge, like Firewall, IDS/IPS, Anti-virus, Operation System, Database, TCP/IP etc
- Knowledge on security standard, like ISO27001, ISO20000, PCI, SAS70, SOX etc.
- Knowledge on various kinds of international famous Information Security Products and solutions.
- Good presentation and documentation skill
Interpersonal Competencies:
- Strong analytical and organizational skills
- Must be able to work in a fast-paced yet structured environment, communicate concisely and clearly to all levels of the organization, and be willing to drive quality into the development process - Show initiative and drive
- Demonstrate ability to acquire understanding and absorb new information rapidly; a "quick study."
- Strong problem-solving skills to address complex problems within the technical arena and develop creative and practical solutions
- Capable of multi-tasking
- Team player with strong people skills
- Must consistently project a professional attitude
- Escalate issues appropriately to senior management
- Excellent communication skills
Leadership Competencies:
- Strong confidence, positive working attitude and work with passion;
- Good leadership and influence;
- Excellent stress management skill;
- Excellent time management skill for multiple tasking;
- Demonstrate integrity, maturity and a constructive approach to challenges.
- Develop an good understanding of Bleum's core values:
- Honest,
- Customer Orientation,
- Takes Ownership,
- Discipline,
- Excellence,
- Enjoy the Journey
- Make decisions using good judgments that are in line with strategy and understand how projects fit into overall development strategy and process.
- Demonstrate respect, responsiveness and professionalism toward others while providing superior service for customers
2) Experience:
- Must have at least 5+ years experience in Information Security area, with 2+ year experience in a ISO27001 certificated company
- Must have at least 2+ year experience with IT system maintenance & configuration like network management, server maintenance etc
- Must have at least 2+ year experience with ISO27001 compliance process implementation
- Must have a working knowledge of security process improvement
- Must have the knowledge of PCI, SOX, SAS70
- Knowledge of BS25999, ISO20000, ITIL is a plus
- CISSP, CIW, CISP, CISA certificate is a plus
3) Minimum educational level:
- B.S. Computer Science or equivalent
查看该条招聘信息,请点击这里。