Loading...
 
Req ID:  962
Location: 

Shanghai, China

Date:  10-May-2022

Information Security Manager

Job Description (Not for posting)

  • Be the organization’s representative for China Cybersecurity matters
  • Lead the ooverall Information Security posture assessment, Control dashboard, Maturity and Capability Level.
  • Support the Risk Management and Legal & Compliance department on China Cybersecurity Law, GDPR, Data security, PCI-DSS, etc.
  • Review/maintain the IT Security policies, standard, Guidelines and procedures.
  • Manage and maintain the Risk Register and Risk Assessment, Identify and assess risks and work with internal and external stakeholders to develop mitigation plan.
  • Support the Senior Management in discussion with authorities when necessary.
  • Work with IT and Business to ensure the security and privacy assessment are performed throughout the project lifecycle.
  • Interface with company internal or external auditors
  • Lead the awareness program for DFS employees.
  • Other duties as assigned.

Job Description

Purpose and Objective of Position

DFS is embarking on transforming its retail stores into smart stores that leverage technology to improve customers experience, drive sales and conversion.

The ideal candidate that DFS is looking for, would be fresh, energetic, technology savvy with a “can do” spirit and work on a wide range of IT Security project. Project could be office, store or data center, covering all DFS location across the world. Quick learner of various store business functions and operations, great interpersonal relationship skills with the business users and management, understand what works and what doesn’t, work with global IT team(s) to recommend appropriate alternatives or solutions.

 

Essential Job Duties and Responsibilities

  • Be the organization’s representative for China Cybersecurity matters
  • Lead the ooverall Information Security posture assessment, Control dashboard, Maturity and Capability Level.
  • Support the Risk Management and Legal & Compliance department on China Cybersecurity Law, GDPR, Data security, PCI-DSS, etc.
  • Review/maintain the IT Security policies, standard, Guidelines and procedures.
  • Manage and maintain the Risk Register and Risk Assessment, Identify and assess risks and work with internal and external stakeholders to develop mitigation plan.
  • Support the Senior Management in discussion with authorities when necessary.
  • Work with IT and Business to ensure the security and privacy assessment are performed throughout the project lifecycle.
  • Interface with company internal or external auditors
  • Lead the awareness program for DFS employees.
  • Other duties as assigned.

Key Requirements

Knowledge, Skills and Abilities Required

  • Educational Requirements: Degree in Computer Science, Computer engineering or any related fields or related work experiences in Cybersecurity.
  • Work Experience: Minimum 8 years
  • Licenses/Certifications required: CISSP, CISM, CISA, CDPSE, CIPP CIPM, or other security/privacy certifications
  • Critical knowledge & skills including tools, software applications, language, etc.
  • Demonstrates thorough abilities and/or a proven record of success in the following areas:
  • Experience with Security, Data Protection, Risk Management and Response.
  • Comfortable talking with people from different departments both Business and technical IT.
  • Hands-on experience on data privacy laws such as GDPR, China Cybersecurity law, PIPL.
  • Solid understanding of PCI DSS, ISO27001/ISO270002, NIST, COBIT or other IT governance best practices.
  • Strong English and Chinese languages are required – written and verbal

 

Other Qualifications / Core Competencies

  • An outcome-focused mindset who can translate the business requirements into deliverable actions.
  • Team player and able to collaborate across diverse stakeholders to achieve security objectives.
  • An ability to learn quickly and successfully adapt to rapidly changing technology.
  • Knowledge of current IT industry trends and solutions
  • Self-motivated, with ability to work independently.
  • Good judgement

 

Working Conditions / Environment

  • This role is based in Shenzhen or Shanghai , but occasional travel may be required.

DFS is an equal opportunity employer. It is the Company’s policy and practice to employ, promote and treat all employees and applicants on the basis of merit, qualifications and competency and to provide all employees with a workplace that is free of discrimination. Employment decisions are based on qualifications such as education, work experience and talent, and are made without regard to race, color, gender, religion, age, national origin, marital status, sexual orientation, disability or any other basis protected by law.