Your Responsibilities：
Technical Security Advisory
? Perform security assessments and vulnerability evaluations in alignment with corporate security baselines and policies.
? Provide expert security guidance for on?demand requests, including solution design reviews and architectural recommendations.
? Participate in IT and security projects as a subject matter expert to ensure secure implementation of systems and services.
? Operate and enhance key security services and platforms (e.g., SIEM, IAM, Vulnerability Management).
? Support the full vulnerability management lifecycle: identification, prioritization, mitigation tracking, and reporting.
? Collaborate with stakeholders to analyze security gaps and risks, contributing to the continuous maturity of the corporate IT security environment.
Governance, risk and compliance
? Support internal and external audits by preparing documentation, coordinating participants, and managing evidence.
? Monitor compliance with security policies, processes, and controls across global locations.
? Track audit findings and ensure clear ownership and remediation accountability.
? Assist in developing and maintaining security-related documentation, including controls, procedures, and reports.
? Provide training and guidance to stakeholders on security requirements and audit expectations.
? Contribute to incident management and access governance processes as required.
Additional Responsibilities
? Collaborate closely with the Information Security team to ensure alignment on audit requirements, security controls, and evidence preparation.
? Prepare, guide, and train audit participants to ensure they understand security expectations, control implementations, and documentation standards.
Your Profile:
? Bachelor’s degree in Computer Science, IT Security, Engineering, or a comparable field.
? Minimum 3–5 years of experience in cybersecurity, IT risk & compliance, audit coordination, or security operations.
? Experience working in international environments and collaborating with cross?functional teams.
? Strong understanding of IT security principles, frameworks, and risk management practices (e.g., ISO 27001/2, NIST, NIS2).
? SIEM & EDR platforms (e.g., Splunk, Sentinel, LogRhythm)
? Vulnerability management processes and security assessment methodologies
? Incident response principles
? Cloud security (AWS, Azure, GCP) — advantage
? Excellent communication and interpersonal skills for engaging stakeholders and senior management.
? Ability to work effectively in a dynamic, global, and multicultural environment.
? Strong analytical and conceptual thinking, structured work style, and a team?oriented mindset.
Once a resume is submitted to the recruiting company, it is considered that the applicant agrees to the collection, processing, use, and disclosure of their resume and other personal information by the recruiting company for recruitment purposes.
一旦向招聘公司投遞簡歷，即視為應(yīng)聘者同意招聘公司基于招聘目的而對其簡歷和其他個人信息進行收集、處理、使用和披露等。