ISMS 高级产品经理（网络安全）

Job Responsibilities:

·Develop and execute information security and cyber security strategies, including the establishment and formulation of new systems.

·Conduct security risk assessments and vulnerability analysis for customer, and propose appropriate security solutions.

·Collaborate with the team to assess product security and provide security recommendations during product design and development.

·Establish and maintain security policies, standards, and procedures to ensure compliance with industry standards and regulatory requirements.

·Communicate with internal and external stakeholders to coordinate security initiatives and collaborative projects.

·Conduct quality control and audit to production site according to customer's audit criteria, write related audit reports and upload them to the company,

·Organize or participate in the organization of the audit to ensure the follow-up of the certification, and launch the related project of information or cyber security so on.

·Assess client compliance in order to issue or maintain certification

·Ensure timely production of good quality reports (including expenses claims) after the audit or project close-out, within the designated time-frame (for referential demanding)

工作职责：

·制定和执行信息安全和网络安全战略，包括新体系的建立和制定。

·为客户提供安全风险评估和漏洞分析，提出相应的安全解决方案。

·与团队合作，评估产品安全性，并在产品设计和开发过程中提供安全建议。

·建立和维护安全政策、标准和流程，确保符合行业标准和法规要求。

·与内部和外部相关成员沟通，协调安全事务和合作项目。

·按照客户的审核标准到现场进行质量控制和审核，撰写相关的审核报告并上传至公司。

·组织或参与审核，确保认证的后续工作，实施信息安全网络安全相关项目的开展,。

·评估客户的符合性，以便发放或维持认证。

·在审核或项目结束后，或在指定的时间范围内，确保及时完成好的质量报告（包括费用申报）。

Job Requirement:

·Bachelor's degree or higher in information security, computer science, or related field.

·Above 5+ years of experience in information security or network security.

·If qualification of cyber security related field is preferred.

·At least qualification of ISO27000 /ISO20000/ QMS/ISO9001 certification.

·In-depth understanding of cyber security and information security, with experience in establishing and formulating new systems.

·Excellent cross-departmental communication and collaboration skills, capable of providing solutions for the team.

·Good command of English and Standard Chinese.

·Willing to travel extensively and have good health.

工作要求：

·本科及以上学历，信息安全、计算机科学或相关专业。

·至少5年以上的信息安全或网络安全工作经验。

·具备网络安全相关领域资质者优先。

·至少持有ISO27000 /ISO20000/ISO9001相关认证资质。

·深入了解网络安全和信息安全领域，具备新体系建立和制定经验。

·具备跨区域和跨团队的沟通和合作能力，能够为团队提供解决方案。

·良好的英语水平，普通话标准。

·能够适应出差，身心健康。