Business Information Security Officer
花旗银行(中国)有限公司上海分行(企业银行)
- 公司规模:500-1000人
- 公司性质:外资(欧美)
- 公司行业:银行
职位信息
- 发布日期:2013-09-18
- 工作地点:上海
- 招聘人数:1
- 工作经验:五年以上
- 学历要求:本科
- 语言要求:英语熟练
- 职位类别:其他
职位描述
Job Descriptions:
? Works with the business to interpret and translate specific IS business program requirements into technical requirements.
? Assists security incident response teams in the investigation of incidents by responding in a timely manner. Helps security incident response teams resolve and close the investigation of incidents with proactive suggestions.
? Works with the technology group to support and complete the infrastructure review process;
? Ensures that technical controls are embedded in day-to-day operations and that remediation of non-compliance is documented and addressed.
? Identifies the need for and develops new and improved technical procedures and process control manuals.
? Demonstrates familiarity with IS technologies and issues on standard platforms.
? Coordinates and directs sessions with business and technical contacts regarding development and delivery of secure solutions.
? Assists infrastructure units to identify IS risks and controls for the development of products and systems.
? Facilitates the implementation of approved tools and identifies innovative and enhanced security solutions / emerging technologies (identity management, access control, confidentiality and security administration) for CATE review and certification.
? Engages a BISO, SME, or other senior ISO when additional business knowledge is required.
? Interfaces with the business where technical IS solutions are required and advises on the impact to the bottom line while still satisfying business objectives.
? Defines secure configurations leveraging technical knowledge and problem solving skills in the network, database, server and desktop technology areas in accordance with the secure SDLC process.
? Manages risk by analyzing the root cause of issues, impact to technology and required corrective actions leveraging advanced analytical skills.
? Schedules, hosts, and drives meetings with multiple levels of technology management requiring strong communication, influence, and diplomacy skills to ensure that secure development procedures are addressed.
? Participates in the definition and implementation of procedures to control developer access to production according to corporate guidelines and standards.
? Demonstrates knowledge of Intrusion Detection Systems as well as a thorough knowledge of server and desktop configurations as they relate to system security.
? Participates in the evaluation and selection of systems with specific focus on IS implications.
? Participates in the planning and implementation of IS administration for IT projects.
? Provides general IS consulting services including interpretation and/or clarification.
? Exercises oversight to the IS program within the business, including programs, policies, and related reporting.
? Collaborates to create Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) in the appropriate tools (iCAPs, CIRAS, etc.).
Requirements
? Full time bachelor or above degree holder
? Minimum 3 years of working experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment. Knowledge of key government regulations and local laws.
? Solid business experience, preferably in risk management activities.
? Well understand the IS risks that are inherent to a business.
? Strong communication skill both for oral and writing in Chinese and English
? Responsible and Reliable
? Minimum one held or working toward (CISSP, CISM, CISA)
? Works with the business to interpret and translate specific IS business program requirements into technical requirements.
? Assists security incident response teams in the investigation of incidents by responding in a timely manner. Helps security incident response teams resolve and close the investigation of incidents with proactive suggestions.
? Works with the technology group to support and complete the infrastructure review process;
? Ensures that technical controls are embedded in day-to-day operations and that remediation of non-compliance is documented and addressed.
? Identifies the need for and develops new and improved technical procedures and process control manuals.
? Demonstrates familiarity with IS technologies and issues on standard platforms.
? Coordinates and directs sessions with business and technical contacts regarding development and delivery of secure solutions.
? Assists infrastructure units to identify IS risks and controls for the development of products and systems.
? Facilitates the implementation of approved tools and identifies innovative and enhanced security solutions / emerging technologies (identity management, access control, confidentiality and security administration) for CATE review and certification.
? Engages a BISO, SME, or other senior ISO when additional business knowledge is required.
? Interfaces with the business where technical IS solutions are required and advises on the impact to the bottom line while still satisfying business objectives.
? Defines secure configurations leveraging technical knowledge and problem solving skills in the network, database, server and desktop technology areas in accordance with the secure SDLC process.
? Manages risk by analyzing the root cause of issues, impact to technology and required corrective actions leveraging advanced analytical skills.
? Schedules, hosts, and drives meetings with multiple levels of technology management requiring strong communication, influence, and diplomacy skills to ensure that secure development procedures are addressed.
? Participates in the definition and implementation of procedures to control developer access to production according to corporate guidelines and standards.
? Demonstrates knowledge of Intrusion Detection Systems as well as a thorough knowledge of server and desktop configurations as they relate to system security.
? Participates in the evaluation and selection of systems with specific focus on IS implications.
? Participates in the planning and implementation of IS administration for IT projects.
? Provides general IS consulting services including interpretation and/or clarification.
? Exercises oversight to the IS program within the business, including programs, policies, and related reporting.
? Collaborates to create Risk Acceptances (RAs), Risk Exceptions (REs), and Corrective Action Plans (CAPs) in the appropriate tools (iCAPs, CIRAS, etc.).
Requirements
? Full time bachelor or above degree holder
? Minimum 3 years of working experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment. Knowledge of key government regulations and local laws.
? Solid business experience, preferably in risk management activities.
? Well understand the IS risks that are inherent to a business.
? Strong communication skill both for oral and writing in Chinese and English
? Responsible and Reliable
? Minimum one held or working toward (CISSP, CISM, CISA)
公司介绍
About Citi China
Citi first established an office in China on May 15, 1902, in Shanghai. In April 2007, Citi was among the first international banks to locally incorporate in China. Citi’s locally incorporated entity is known as Citibank (China) Co., Ltd, which is wholly owned by Citibank N.A. Today Citi is a leading international bank in China with footprint in thirteen cities across China (Beijing, Changsha, Chengdu, Chongqing, Dalian, Guangzhou, Guiyang, Hangzhou, Nanjing, Shanghai, Shenzhen, Tianjin, Wuxi). Citi has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions, Citi is the most global of all international banks in China.
关于花旗中国
花旗在中国的历史可追溯至一九零二年五月。花旗是中国领先的外资银行,为客户提供广泛的金融产品。2007年4月2日,作为首批成功转制本地法人银行的外资银行,花旗银行(中国)有限公司正式成立;2007年4月23日,花旗银行(中国)有限公司成为首批正式对中国境内公民开展人民币业务的外资银行之一。
目前,花旗分别在北京、上海、广州、深圳、天津、成都、杭州和大连设有多家分支行,开展企业银行业务和零售银行业务。花旗在全球100多个国家开展业务,是中国最具全球性的外资银行之一。
Our business is expanding rapidly and we are looking for highly qualified, ambitious individuals wishing to progress to the highest levels of their personal career development in Citibank.
We provide challenging and rewarding career opportunities with the vacancy:
The successful candidate will be provided with superior career development opportunities and a competitive remuneration package. If you are interested in being considered for the position please send your CV ( in English & Chinese) to us.
(Please indicate position applied & "51Job" on the envelope)
Citi first established an office in China on May 15, 1902, in Shanghai. In April 2007, Citi was among the first international banks to locally incorporate in China. Citi’s locally incorporated entity is known as Citibank (China) Co., Ltd, which is wholly owned by Citibank N.A. Today Citi is a leading international bank in China with footprint in thirteen cities across China (Beijing, Changsha, Chengdu, Chongqing, Dalian, Guangzhou, Guiyang, Hangzhou, Nanjing, Shanghai, Shenzhen, Tianjin, Wuxi). Citi has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions, Citi is the most global of all international banks in China.
关于花旗中国
花旗在中国的历史可追溯至一九零二年五月。花旗是中国领先的外资银行,为客户提供广泛的金融产品。2007年4月2日,作为首批成功转制本地法人银行的外资银行,花旗银行(中国)有限公司正式成立;2007年4月23日,花旗银行(中国)有限公司成为首批正式对中国境内公民开展人民币业务的外资银行之一。
目前,花旗分别在北京、上海、广州、深圳、天津、成都、杭州和大连设有多家分支行,开展企业银行业务和零售银行业务。花旗在全球100多个国家开展业务,是中国最具全球性的外资银行之一。
Our business is expanding rapidly and we are looking for highly qualified, ambitious individuals wishing to progress to the highest levels of their personal career development in Citibank.
We provide challenging and rewarding career opportunities with the vacancy:
The successful candidate will be provided with superior career development opportunities and a competitive remuneration package. If you are interested in being considered for the position please send your CV ( in English & Chinese) to us.
(Please indicate position applied & "51Job" on the envelope)
联系方式
- 公司地址:地址:span花园石桥路33号花旗集团大厦