• Implement ‘IT in engineering laboratory/manufacture' in plant according to central directive （ITL/ITM）
根据中央指令在工厂实施IT工程实验室/制造中的应用设置
- Defining and implementing engineering laboratory/manufacture infrastructure concept (including IT devices, network, server and database, etc.) considering both daily operation and future needs
定义并实施工程实验室/制造基础设施的IT设置及使用方案（包含IT设备、网络、服务器及数据库等），兼顾日常运营与未来需求
- Define and ensure organizational measures for data security in laboratories/manufacture
制定并落实实验室/制造环节的数据安全组织措施
- Training and coordination of local lab/MOE organization
培训并协调本地实验室及生产现场的IT及网络安全
- Perform annual IT security audits in local laboratories/manufacture
对当地实验室/生产现场执行年度IT安全审计
- Consulting for setup and acquisition of related equipment
提供相关IT设备配置与采购咨询
- Perform regular communication with local Engineering/manufacture management on ITL/ITM topics
定期与本地工程/制造管理部门就ITL/ITM议题进行沟通
• IT and data security for business data and local developed application/systems （LAC）
业务数据及本地开发应用/系统的IT与数据安全
- Define and implement security checklist and control process
制定并实施安全检查清单与控制流程
- Support risk assessment and implement measures accordingly
支持风险评估并落实相应措施
- Yearly risk re-certification for running applications
运行应用程序的年度风险再认证
• ISP, IDM and access management
ISP、IDM及访问管理
- User Training & awareness improvement in department
部门用户培训与意识提升
- Provide security consult to served departments
为服务部门提供安全咨询
- Document and regular updating of ISP concept according to central directive and regional laws
依据中央指令及区域法规记录并定期更新ISP方案
- Define data protection method in department level to avoid business loss
制定部门级数据保护方法以避免业务损失
- Department folder Authorization concept definition
部门文件夹授权方案定义
- Local application registration and management
本地应用程序注册与管理
- Non-standard software management to avoid compliance issue
非标准软件管理以规避合规风险
- Authorization application in IDM and regular checks to ensure proper usage
在IDM中实施授权申请机制并定期核查确保规范使用
• Other relevant tasks arranged by superiors for achieving company’s objectives.
上级交办的为实现公司目标的其他工作。
• Education学历
Bachelor or above degree, major in Computer Science, Information Security, Information System, Information Management or other similar majors.
本科及以上学历，计算机科学、信息安全、信息系统、信息管理或相关专业。
• Experience工作经验
Minimum 3 years work experience in cyber security, data security, newwork and server maintainence, Computer Hardware or Software management, previous relevant working experience in a global environment is an advantage.
三年以上网络安全、数据安全、网络及服务器运维、计算机硬件或软件管理相关工作经验，有跨国企业从业经历更佳；
• Skills技能
- Basic understanding of information security and/or IT governance and/or access and identity management topics
具备信息安全和/或IT治理和/或访问与身份管理领域的基础知识
- Self-confident, Communication/influence skills, Presentation Skills, team player
自信果敢，具备沟通/影响力技巧、演示能力，善于团队协作
- Clear and fluent in Mandarin, Good written and oral English
普通话清晰流利，英语书面及口语能力良好
- Proficient in the use of word, excel, ppt and other commonly used office software
熟练使用Word、Excel、PPT等常用办公软件
- Meet with below requirements are preferred
符合以下条件者优先：
• Entitled as CISA or CISSP or ISO27001 IA/LA or PMP/Prince2
持有CISA、CISSP、ISO27001 IA/LA或PMP/Prince2认证
• Digital talents who are familiar with python, power platform, etc.
熟悉Python、Power Platform等技术的数字化人才
• Other其它
- Positive attitude, proactive and initiative
积极的态度，前瞻性和进取心
- Well organized, logic thinking, attention to details
思维清晰，有逻辑，细心
- High reliability and confidentiality consciousness
高度的责任心和保密意识
- Good health
身体健康
- Good professional ethics
良好的职业道德
- Care about details and precision
注重细节及精确性
- Self-motivated and able to work under pressure
能够自我激励并承受工作压力
- Able to work overtime if necessary
必要时可以加班
- Hold positive attitude whenever facing different opinions or other problems and take nessesary actions to facilitate solutions
出现意见不合或其他问题时能够以积极的态度应对，并采取行动积极配合以促进问题的解决。