Job Title (Public Field):
Enterprise Security Engineer
Location (Public): Shanghai, China Contract Type (Public):
Permanent Role Description
● About the company: Fast Retailing
Information Security Specialist
Description
●Maintain an information management and protection framework for an effective global supply chain-wide governance program.
●Identify, track, and oversee internal and external compliance and regulatory requirements (PCI, Data Privacy, etc.) for the global supply chain including compliance with established policies, procedures, standards, baselines, and controls.
●Manage day-to-day security activities, including conducting vendor security assessments and privacy security assessments, implementing company policies, and communicating related to the information security program.
●Handling Information Security Management, addressing information security threats and incidents within global supply chain, and driving remediation.
●Manage information security awareness programs and provide training to all production office staff.
●Guide and support staff and provide security training and awareness programs to promote a culture of security and best practices within the organization.
●Assist other ISO members to respond to security incidents in global supply chain (personal/confidential information, system hacking, local employee information leakage, information breach, store physical security, customer center security)
任职资格
Language Must:
Fluency in Chinese and English, be able to speak and utilize it in daily work. *Nice to have in Japanese (English: CET6 / TOEIC 700 or above level.) Experience Technical skills:
●At least 3 years of experience in a cybersecurity role, with a focused experience in risk assessment, compliance and training.
●Knowledge and Experience in information security governance frameworks such as ISO27001 (and ISO27701 framework, NIST CSF, etc.)
●Knowledge and Experience in information security incident response.
●Experience in developing and enforcing security policies and procedures.
●Knowledge in Operation Technologies systems and their security implications. ●Knowledge in global supply chain management.
●Excellent communication skills to convey complex security concepts to technical and non-technical stakeholders.
●A proactive and adaptable mindset, with a willingness to stay updated on emerging threats and technologies.
●Understanding and ability of risk analysis for cyber threats. (Preferred)
●Other technical and/or security certifications are preferred. (e.g. CISA, CISM, CISSP, SANS, GIAC, etc.). (Preferred). Education, skills, and abilities:
●Educational Background: IT, Security, Audit, Computer Science or other related majors. ●Excellent communication skills.
●Ability to multitask, prioritize work effectively, and manage tasks/projects to completion. ●Ability to work independently and within a team environment.
●Highly motivated and strong sense of responsibility and ownership.
●Willingness and ability to travel globally up to 50% (mostly China and ASEAN). Career Path Personal growth within the Information Security Office in China and other foreign locations and broadening career to a wide range of opportunities depending on the candidates’ ability, aptitude, and motivation.