数字化与信息安全咨询顾问招聘 - 莱茵检测认证服务(中国)有限公司

工作职责：

与潜在客户交流，准确理解客户需求，基于对客户以及行业的理解，协助客户确定项目范围、咨询方案、估算成本、协助报价。参与项目的实施，为客户提供数字化和信息安全相关的咨询服务。按照企业内部数据流走向，设计网络安全战略和路线图，管理安全项目，进行评估和分析。开展现状调研、差距评估、确定整改方向、管理体系建设、协助运行等工作并完成文件和资料的编制；推动项目完成。分析内容包括：风险识别和监测、风险控制和管理、隐私保护、合规分析（如GDPR）、安全转型、身份和访问管理（IAM）、网络安全、网络威胁分析和管理（CTM）、数据丢失预防（DLP）、应急响应、业务持续计划、云安全等。实现客户管理者期望，协助企业实现数字化以及完善信息安全配置。

3. 与集团位于德国、美国、英国、亚太等地的多个信息安全技术团队保持密切沟通，不断完善信息安全策略从而协助中国企业在数字化及信息安全方面对接国际先进标准。
 

岗位要求：

通信、计算机、信息安全或相关专业本科以上学历；

掌握信息安全咨询或安全体系制度的专业知识，了解信息安全方面的相关法律法规；

了解身份和访问管理（IAM）解决方案咨询和实施; 网络威胁分析和管理； 渗透测试； 脆弱性管理；事件响应；数据保护和隐私咨询; 移动安全; 云安全等安全相关领域；

5年以上IT服务管理/网络安全/风险控制 /IT运营/安全审计等相关经验；

较强沟通能力和表达能力

熟悉操作系统（UNIX, LINUX, Windows, Mac OSX）安全、数据库管理系统（Oracle, SQL Server, Sybase）安全或网络和安全设备（路由器、集线器、防火墙、交换机）的人员优先； 

熟悉信息安全和IT管理领域的相关标准（如ISO27001，ISO20000，ITIL，GDPR等）、隐私保护和漏洞评估等方面的人员优先；

拥有CISSP, CISA, CISM, ISO27001, CIPT, CCNP/CCIE，ITIL Expert, PMP/Prince2, 信息安全等级保护（MLPS）等相关信息安全认证者优先；

Responsibility:

Communicating with potential clients, grasping client needs, help build up project scope, consulting proposals, cost estimation, quotation based on the understanding of client situation and the business

Part of service delivery, providing digitalization and cybersecurity consulting service to the clients.

Design cybersecurity strategy and remediation plan, provide assessment and analysis based on the internal data flow of an enterprise

Conduct inspections, gap analysis, remediation advices, management system building, and the documentation of such

Analytic work include: risk detection, risk management, privacy protection, compliance analysis(e.g. GDPR), security transformation, IAM(Identity and Access Management), cybersecurity, CTM(Cybersecurity Threat Management), DLP(Data Loss Prevention), incident management, cloud security

Client expectation management, help with the digitalization and security configuration of an enterprise

3.  Close communication with German, US, UK, Asia cybersecurity teams, help build up the cybersecurity strategy and launch within Chinese enterprises

Requirements:

Majored in telecommunication technology, computer science, cybersecurity, or related fields, have a bachelor degree or above

 Understanding of cybersecurity consulting or security system, understanding of related legislations

Understanding of fields like: IAM consulting, CTM consulting, penetration test, vulnerability management, incident management, data protection and privacy consulting, mobile security, cloud security

5 year experience or above on IT service management/ network security/ risk management/ IT maintenance/IT security

Strong communicating and expressing skills

Good knowledge of OS security (UNIX, LINUX, Windows, Mac OSX), database system security (Oracle, SQL Server, Sybase) or device security (router, switch, firewall, etc) is preferred

Good knowledge of cybersecurity and IT management standards(ISO 27001, ISO 27000, ITIL, GDPR), privacy protection, vulnerability assessment is preferred

With certifications like CISSP, CISA, CISM, ISO27001, CIPT, CCNP/CCIE, ITIL Expert, PMP/Prince2, MLPS is preferred