Job description:
Participate in the planning, operation and maintenance of
the company's information security management system, develop the company's
information security norms and processes, continue to iterate and optimize, and
constantly improve the company's information security management level.
Promote the company's information security management
certification, and comply with the requirements of information system security
level protection laws and regulations.
Cooperate with teams to analyze and evaluate the information
security risks of the network, system, authority, data, etc, explore the
security vulnerabilities of the information system, identify the potential
threats to the information security in the operation process, and follow up
various rectification and optimization measures.
Responsible for daily information security incident
response, assist security investigation and incident follow up.
Work closely with internal teams, vendors and regulators to determine
new safety infrastructure opportunities.

Qualifications:
Bachelor degree or above, more than 5 years experience in
network security, data security and other information security management.
Familiar with ISO27001 information security related
standards, information system security level protection and other information
security policies and regulations.
Good cross-organizational communication skills, be able to coordinate internal and external
resources to deal with complex information security issues.
Those with CISP, CISSP and other industry qualification
certificates are preferred.