招聘岗位:Senior Security Engineer / 高级信息安全工程师
发布日期:2011年3月23日
ESSENTIAL DUTIES & RESPONSIBILITIES:
1. Security Control-80%
· Assess the security risks on the network and IT system, and provide the solution to mitigate the risks
· Implement the security controls to improve the security level
· Analyze Palo Alto Network report and identify actions to prevent the security issues
· Monitor security events for computer virus, hacking, security breaches and malicious activities and take actions to reduce the impact
· Deal with security incidents and develop prevention plan
· Develop BCP plan and implement the BCP testing
· Provide suggestion/ solution according to customer security requirements and work closely with related team to Implement it
· Monitor the security bulletin to know the new security vulnerability, evaluate the risk and implement the controls
· Research the new technique to strengthen security system
· Educate and train the staff to be aware about the security process
2. Security Process Improvement -20%
· Improve the security process based on the business needs
· Document and improve the operation process for IT department
REQUIRED QUALIFICATIONS:
1) Competencies: Skills, knowledge, & abilities
Functional Competencies:
· Good Understanding of security management systems and knowledge, like Firewall, IDS/IPS, Anti-virus, Operation System, Database, TCP/IP etc
· Good Knowledge of ISO27001
· Knowledge on ISO20000, PCI, SAS70, SOX etc is a plus
· Master common penetration test tool is preferred
Interpersonal Competencies:
· Ability to effectively manage their time in order to finish tasks on schedule
· Escalates issues appropriately to manager
· Good communication skills
· Good documentation skills
· Must project a professional attitude
· Ability to work effectively with a cross-functional team
Leadership Competencies:
· Demonstrate integrity, maturity and a constructive approach to challenges.
· Develop an understanding of Bleum's core values:
· Honest,
· Customer Orientation,
· Takes Ownership,
· Discipline,
· Excellence,
· Enjoy the Journey
· Able to multi-task (work on multiple deliverables at once)
· Demonstrate an attitude of joint accountability for all aspects of security, whether or not directly assigned responsibilities.
· Demonstrate respect, responsiveness and professionalism toward others while providing superior service for customers
2) Experience:
Have at least 5+ year experience with IT system maintenance & configuration like network management, server maintenance etc
Have at least 1+ year experience with ISO27001 compliance process implementation
Have a working knowledge of security process improvement
Knowledge of PCI, SOX, SAS70, BS25999, ISO20000, ITIL is a plus
CISSP, CIW, CISP, CISA certificate is a plus
3) Minimum educational level:
B.S. Computer Science or equivalent