The focus will be on:
- Establish and optimize the Group's data security strategy.
- Evaluate and establish data security technical measures.
- Organize and coordinate the implementation of strategy and technical measures for business units within the Group and companies in various regions of the world.
- Planned and guided the company-wide establishment and improvement of data security management and control system, promoted the implementation of data security and privacy risk strategies, and improved the company's data security management and control capabilities and maturity.
- Improve and optimize the company's data classification, grading strategy and technical measures.
- Responsible for the design and technical implementation of the classification and labelling of sensitive data types in the data security Law, the establishment of a full-link data flow risk monitoring and analysis platform, the definition of data security risk monitoring strategies, the monitoring risk warning of scenarios such as outbound and date abroad scenarios, and the implementation of the data security law.
- Formulate data security technology solutions under the company's data management strategy based on specific data usage scenarios between business departments within the company and between the company and ecological partners and suppliers.
- Provide data security solutions for data storage, data flow, destruction and backup under the data center and cloud architecture.
- Participate in the company's employee terminal security behavior monitoring products, data leakage prevention products, USB external device port control, terminal security detection and response and other integrated program design, implementation, and deployment, to prevent data leakage.
- Data security event analysis and processing, can timely respond to sudden data security events to provide technical support.
- Continue to investigate the industry's advanced data security products, programs and practices, combined with the company's actual business scenarios and needs, carry out internal and external exchanges, introduce advanced experience and product technology, transform and internalize the company's data security capabilities.
- High confidence and comfort to work with a global companies’ institute, take global responsibilities and use English as primary work language.
- Have practical experience in data security platform capacity building and solutions for large domestic and foreign enterprises.
- In-depth understanding and long-term data life cycle security management, enterprise-level data security management experience.
- Understand domestic and foreign data security laws and regulations, have the corresponding data security compliance knowledge and ability.
- Professional consultancy skills for communications and presentation.
- Have the ability to think independently and breakthrough solutions.
- Ability to be flexible on job prioritization and manage multitask in a complex environment.
- Ability to influence and communicate effectively with both technical and non-technical audiences, including senior business executives and managers.
- Bachelor Degree of Information Security, Computer Science or other related majors.
- Proficient in data classification and grading, DLP, data encryption, data desensitization, data watermarking, data permission management, data risk detection and behavior analysis, event traceability, big data business and platform security and other data security mainstream technologies and overall solutions.
- Training in front of large group of people.
- Security related certificates such as CISSP/CISM/CISA/CIPT are preferred.