<p>Duties:<br><br>1. Proactively identify network and information security risks (including cloud applications and database audits), plan and improve information security architecture (including infrastructure and application systems) with technical support.<br><br>2. Lead IT compliance system construction, manage internal and external audit improvement closed-loop, and participate in contract compliance review. <br><br>3. Assign tasks to the IT department of the corresponding group, and lead including vulnerability management, network attack and defense exercises, writing various strategies, reports, emergency response plans and drill manuals.<br><br>4. Provide technical support to the IT department and its subsidiaries, including log analysis, permission management, security analysis tools and information management, and assist in updating various Internet assets. <br><br>5. Familiar with the internal company approval process, assist the IT department in handling administrative work and screening various entry and exit processes. <br><br>6. In case of need, responsible for server (physical/virtualized/cloud), database, network devices, storage and backup systems daily monitoring and maintenance. Handle infrastructure failure response, ensure core business system SLA compliance. Participate in disaster recovery system construction, and regularly execute disaster recovery drills.<br><br>Qualifications:<br><br>1. Educational background: Bachelor's degree or above, majoring in Computer Science, Software Engineering, Network Security, etc. <br><br>2. Work experience: IT work experience in a financial investment institution with more than 100 people; after holding CISSP or CISP, engage in network security work for 5 years or above, or network and infrastructure work for 8 years or above.<br><br>3. Professional skills:<br><br>(1)Hold valid CISSP or CISP certification.<br><br>(2)Have actual operation or audit experience on the following brand systems or devices: Changting, Qingteng Cloud, Qianxin, Sangfor, Nutanix, Pulse Secure, Cisco, Fortinet, Mobileiron , RedHat, Microsoft.<br><br>(3)Have experience in WEB+SQL application architecture audit or technical deployment and analysis.<br><br>(4)If you hold ISO/IEC27001 certification, CCNA or equivalent qualification, PMP, ITIL, MCSE, etc., you are preferred.<br><br></p>
View more
CISSP
Information Security
Certified Information Security Professional (CISP)
English
Mandarin
