KEY ACCOUNTABILITIES:

Threat Detection and Incident Response:
• Proactively monitor the organisation’s security systems, such as Security Information and Event Management (SIEM) tools, Intrusion Detection/Prevention Systems (IDS/IPS), and endpoint protection solutions, to identify suspicious activities and potential breaches.
• Investigate security incidents, conduct root cause analysis, and develop incident reports detailing the scope, impact, and resolution of the incidents.
• Implement robust incident response plans, including containment, eradication, and recovery processes, to minimize downtime and data loss.
• Regularly test incident response protocols through simulations and tabletop exercises to ensure readiness.

Risk Assessment:
• Conduct regular risk assessments to identify vulnerabilities in applications, networks, and systems.
• Utilize tools such as vulnerability scanners and penetration testing frameworks to assess the organisation's security posture.
• Prioritise and remediate identified risks by implementing patches, reconfiguring systems, or deploying additional controls.
• Work closely with the business continuity team to ensure risks are considered in disaster recovery and business continuity plans.

Policy Development and Compliance:
• Develop, implement, and maintain information security policies and procedures tailored to the specific needs and regulatory requirements of operating in China.
• Ensure compliance with the Cybersecurity Law of the People’s Republic of China, Data Security Law, and Personal Information Protection Law (PIPL).
• Collaborate with the legal and compliance teams to align security practices with local and international regulatory frameworks, such as GDPR, if applicable.
• Conduct regular policy reviews to adapt to evolving cybersecurity threats and business objectives.

Security Awareness Training:
• Design and deliver engaging training programs for employees to promote awareness of phishing, social engineering, and other cyber threats.
• Develop role-specific training tailored to technical teams, executives, and non-technical staff to ensure comprehensive coverage of security responsibilities.
• Evaluate the effectiveness of training through assessments, phishing simulations, and feedback, making continuous improvements.
• Foster a culture where employees understand their role in maintaining the organisation’s security posture.

System Hardening:
• Configure and maintain firewalls, intrusion prevention systems, and endpoint protection tools to enforce access control and block unauthorised activities.
• Implement secure configurations for operating systems, applications, and databases following industry benchmarks, such as CIS or NIST standards.
• Regularly update and patch systems to address vulnerabilities and protect against zero-day threats.
• Conduct penetration testing and remediate findings to reduce the risk of exploitation.

Reporting and Documentation:
• Create detailed security reports that summarise threat trends, risk metrics, and incident resolutions for senior leadership and relevant stakeholders.
• Maintain comprehensive documentation for all security protocols, incidents, and compliance audits to ensure traceability and accountability.
• Provide actionable insights and recommendations to the IT and executive teams based on analysis of security data.
• Assist in preparing for internal and external audits by providing evidence of compliance with regulatory and organisational security standards.

Continuous Improvement and Innovation:
• Stay updated on the latest cybersecurity trends, technologies, and threat landscapes to recommend innovative solutions.
• Conduct periodic reviews of security tools and processes to identify inefficiencies or gaps.
• Partner with global teams to share lessons learned and adopt best practices from other regions.
• Develop and implement strategic projects to enhance the organisation's overall security posture, such as Zero Trust architecture or advanced threat detection systems.

EXPERIENCE AND QUALIFICATIONS:
• Bachelor’s degree in Computer Science, Information Technology, or related field; certifications such as CISSP, CISM, or CEH are preferred.
• 3–5 years of experience in information security, cybersecurity, or a related field, with exposure to Chinese regulatory frameworks.
• Strong understanding of information security standards, including ISO 27001, NIST, and local cybersecurity requirements.

SKILLS AND COMPETENCIES:
• Technical Skills
  o Proficient in SIEM tools, firewall management, and endpoint protection systems.
  o Knowledge of encryption technologies, secure coding practices, and network security protocols.
  o Hands-on experience with vulnerability management and penetration testing tools.
• Analytical Thinking - Ability to assess complex security issues and implement effective solutions promptly.
• Communication Skills - Strong verbal and written communication skills in both English and Chinese to interact with diverse stakeholders effectively.
• Problem Solving - Demonstrated ability to handle security incidents and mitigate risks in high-pressure situations.
• Adaptability - Capacity to stay updated on emerging threats, technologies, and regulatory changes in the cybersecurity landscape.
• Cultural Awareness - Familiarity with Chinese business practices and regulations, ensuring compliance without compromising operational efficiency.