1, according to the group strategy, plan the information security system of the group.
2. It is responsible for establishing and maintaining the information security management system that meets the requirements of ISO27001, constantly improving the overall security level within the group, and receiving external audit and certification.
3. Responsible for organizing and formulating IT security strategy, IT risk management related management procedures, procedures, guidelines
4, it is responsible for monitoring the environment of the internal data security (resource management, resource management, authority management and password management), optimize the process and policy, and maintain the correctness and advance of the data security design.
5. Responsible for setting up the rules, rules and regulations for users, roles and permissions of the group information system.
6, responsible for regular audit of all information system logs, and urge relevant functional departments to fulfill their management responsibilities.
7. Assist to complete the backup management of department and project data, maintain the backup records of various data and the safety management of backup media.
8, formulate staff information security training plan and organize implementation.
1. College degree or above, major in computer science.
2. Basic knowledge of computer hardware and software, knowledge of network management and information security, knowledge of enterprise management.
3. Good organization, communication and coordination ability, and project management knowledge.