分享该职位
立即申请 »

Group Information Security - Risk and Compliance

职位编号:  41640
集团:  Magna Powertrain
分支机构:  MPT China Group Office - CNY
职位类型:  定期合同
地点: 

SHANGHAI, CN

集团描述

出行变革。创造更智能、更清洁、更安全、更轻量的汽车科技。这就是我们在 Magna Powertrain 的激情所在,我们正在创造世界级动力总成系统。我们是全球汽车业界的领军供应商,在动力总成系统的设计、开发、测试和制造方面拥有全面能力。我们的名称是优质、环保与安全的代名词。创新既是我们的动力,也是我们的目标。Magna Powertrain 目标远大,致力于打造未来出行方式。

 

关键职责

  • Serve as Information Security leader in Magna Powertrain (MPT) for audits.
  • Provides guidance and expert advice to different business units in areas of information technology and cyber security as it relates to audit requirements.
  • Lead the risk assessment program for MPT with input from Product Group Vice Presidents, General Managers and Controllers; adjusting and prioritizing as necessary.
  • Launch/Kick-off all pro-active site assessments within the program.
  • Ensure appropriate operating procedures, including awareness campaigns and training based on policies, standards, and guidelines.
  • Lead internal Information Security onsite assessments of in-scope Divisions based-upon risk profile.
  • Provide planning, preparation and guidance (i.e. audit support) to Divisions scheduled for internal audit.
  • Actively seeks resolution, mitigation or closure in identified security risks and gaps; acts as consultation leader for MPT Divisions in this regard.
  • Serves as Information Security Consultant and Subject Matter Expert for AP region.
  • Provides input into the Group Information Security Strategy.
  • Provides Operational and Program support for Group Information Security shared service as needed.
  • Provide technical security expertise in key areas of IT (e.g. network, firewall, etc.).

关键资质/要求

  1. Bachelors of Science degree in Computer Science, Engineering, Computer Security, Information Systems, or equivalent proof of baseline knowledge.
  2. Strong knowledge of various frameworks/regulations such as ISO 27001/2, NIST 800-53, NIST Cybersecurity Framework, GDPR, TISAX, SOX, ITIL, COBIT, COSO or similar.
  3. 3+ years of multi-domain IT and/or security experience (e.g. IT Project, IT Networks, etc.).
  4. 3+ years of Security, or IT management, preferably for teams of 4+ is desired
  5. Accredited certifications a plus, such as: CISA, CISSP, OSCP, GCIH (Certified Incident Handler) GCIA (Certified Intrusion Analyst) CEH (Certified Ethical Hacker)
  6. Previous Internal/External auditor experience

其他信息

At Magna Powertrain, Information Security is of the highest priority.  The protection of our data, both internal and external, from threats is paramount to our success.  The [HR Title] - Group Information Security – Risk & Compliance provides leadership, strategy, operational enforcement and monitoring of all Information Security policies at the Group level, liaising closely with Corporate Information Security, IT and other related Functions.

 

The role of the Group Information Security Risk and Compliance is to ensure that all Information Security requirements and protocols are effectively implemented across all locations. 

资格

14--Information, Security, Risk, Compliance C--Fixed Term Contract 

立即申请 »