你的职位及职责
Accountable for establishing, defining, and maintaining InformationSecurity
Demand Management and delivery planning processes for theElectrification
Business in AMEA region. Drives global, regional andlocal Information Security
leadership, guidance, and support for all theIS functions and IS organization
of ELIT and InfoSec IS service for ELbusiness in AMEA region. Provides
expertise to ensure that IS ser-vicesimpacting IT systems are operated in
security compliance withlegislation and external regulations (NIST, Local
InfoSec requirements,etc.), and the data contained are used and secured
properly.
任职资格
- Information Security is currently indicated as one of ABB’s highestrisks
and re-quires a focused approach to mitigate deficiencies. Byensuring
compliance re-quirements this role directly supports the Globalstrategic aim of
minimizing this risk.
- Complexity of EL IT organization, Information security IS Servicesand
Corporate IS operating model and the delivery of InformationSecurity services
(globally or locally).
- Working across multiple countries, cultures, languages and local
ITregulations for compliance.
- Main point of contact for their Region/Country area to ensure thatboth
Global and EL Information Security Services meets the needs of thebusiness.
- Acts as single point of contact for Business, IS Managers and otherrelevant
stakeholders, in order to evaluate and prioritize IS Risk &Security demands.
- Drives engagement with business and local IS through communication ofthe IS
Risk & Security programs, services and changes to CountryManagement, Local
Business Units, IS Managers and Country IS.
Qualifications
- Bachelor’s or master’s degree in information security or
technology,Computer Science, Software Engineering or a related
qualification,and/or demonstrated capability through past employment
ex-perience.
- Security Certifications (CISSP, CISM, etc.) and/or Auditorcertifications
(ISO 27001 auditor, CISA etc.) are desirable.
- Good knowledge of ITIL processes would be advantageous. Knowledge &
Experience
- 12+ years of Information Systems experience of which 5+ years inInformation
Security and/or IS Compliance.
- Expertise in understanding and managing of IS Risk, Security &Compliance
requirements in global organizations.
- Excellent experience in assessing, understanding security threatlandscape,
current and future state of security technologies and theirinter-relationship
with IT landscape.
- Excellent understanding of information security concepts,
protocols,industry best practices and strategies.
- Must be fluent in Mandarin & English, both verbal and written.