Responsibilities: 1.Responsible for security risk assessments on new and existing applications and systems to ensure strong risk management strategies, tools, frameworks and standards are in place. 2.Identify and provide analysis and recommendations for IT security risks, and track corrective actions performed by the business thru risk exception process. 3.Provide accurate and timely reports to demonstrate individual and team activities and progress 4.Work closely with IT and business representatives to drive risk assessment and remediation 5.Provide consultation on security policies and general best practices 6.Evaluate and provide security approvals related to application and infrastructure changes with focus on firewall rule approval and recertification. 7.Participate in audits to establish compliance with security policy and country regulations 8.Contribute to individual, team, and security function continuous improvement projects. Requirements: In order to succeed in this role, you must: -Advanced knowledge of infrastructure and application security and risk management concepts. -Have good understanding of industry regulations i.e. MAS TRM, HKMA, FSA, etc. -Have general knowledge on emerging technologies such as Fintech, Mobile & Virtualization. -Must have demonstrable previous IT Security experience in risk management, audits/compliance, security system development, and/or operations. Vulnerability/ Patch Management experience is a plus. -Prior experience in DevSecOps methodology and its application is preferred -Must have direct IT and business stakeholders management in a confident and responsive manner. Previous security sales and/or team management experience should be highlighted. -Must have excellent English oral and written communication. -Must be motivated, and able to work independently as well as part of a team and must demonstrate ethical responsibility, maturity, and discretion It also helps if you have the following certification(s) or equivalent experience, are preferred: CRISC, CISM, CISA, CISSP, ITIL, GCCC

岗位职责 Role & responsibility： 1、 规划、实施、管理、监控和升级安全措施，以保护组织的数据、系统和网络； 2、 排除安全和网络的问题； 3、 应对所有系统和网络安全漏洞； 4、 通过启用适当的安全控制，确保组织的数据和基础设施受到保护； 5、 参与变更管理过程； 6、 测试和识别网络和系统漏洞； 7、 日常和各部门保持良好的沟通； · Planning, implementing, managing, monitoring, and upgrading security measures to protect the organization's data, systems, and networks. · Troubleshooting security and network problems. · Responding to all system and/or network security breaches. · Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls. · Participating in the change management process. · Testing and identifying network and system vulnerabilities. · Daily administrative tasks, reporting, and communication with the relevant departments in the organization. 任职要求 Qualification & skills requirements： 1、 本科及以上学历、计算机科学、IT、系统工程相关专业毕业优先考虑； 2、 2年事件检测、事件响应和取证工作经验； 3、 具有防火墙功能和维护、office 365安全、VSX和端点安全方面的经验； 4、 熟练掌握Python、C++、Java、Ruby、Node、GO、power Shell; 5、 抗压能力强，能够在快节奏的环境中工作； 6、 注重细节，具有分析能力和解决问题的能力； 7、 对网络安全趋势和黑客技术有良好的人事； · A computer science, IT, systems engineering, or related qualification. · 2 years of work experience with incident detection, incident response, and forensics. · Experience with Firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security. · Proficiency in Python, C++, Java, Ruby, Node, Go, and Power Shell. · Ability to work under pressure in a fast-paced environment. · Strong attention to detail with an analytical mind and outstanding problem-solving skills. · Excellent awareness of cybersecurity trends and hacking techniques. 职位描述 Job description： 广播工程师负责维护电视、广播或互联网等广播用途的技术设备和系统，并排除故障。 A Broadcast Engineer is responsible for maintaining and troubleshooting technical equipment and systems for broadcasting purposes, such as television, radio, or internet.

Security Compliance Manager Flexport Security team is growing and looking for a highly motivated security compliance specialist to join our team and drive regulatory and certification compliance requirements for our products. You will help to build and manage our security compliance program. You should be a technically experienced and innovative security, risk, compliance, and audit professional who has the ability to understand systems, security, and privacy processes, communicate to customers, and be able to drive innovative process changes through multiple organizations and teams. Key job responsibilities: Understand and rationalize compliance requirements for service and device security. Provide business-specific interpretations and support automation opportunities Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity Engage with the Business and SMEs to ensure compliance with information security policies Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy, and compliance concepts to a technical cloud environment Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations Experienced in reporting metrics, timelines, and effective project management skills. Provides input to privacy, disclosure, and confidentially guidelines. Assists in the implementation of processes and procedures for compliance reporting and metrics activities. Researches best practices and innovative approaches to enable assessment and communication of compliance risk and metrics. Preferred Qualifications: 3-5 years of experience in security or compliance consulting or advisory work in support of a highly technical environment 3-5 years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. China information security-related law and regulations, GBT, NIST, SOC1, ISO, or ISO) 3-5 years of experience designing, implementing, and/or running technical GRC solutions Master’s degree in Information Security, Computer Science, Risk Management, Data security with 5 years of experience, or equivalent Bachelor’s degree with 5 years of experience. Experience working directly with security engineers, auditors, and development teams Excellent English is written and verbal communication skills while engaging both technical and non-technical stakeholders

Security Compliance Manager Flexport Security team is growing and looking for a highly motivated security compliance specialist to join our team and drive regulatory and certification compliance requirements for our products. You will help to build and manage our security compliance program. You should be a technically experienced and innovative security, risk, compliance, and audit professional who has the ability to understand systems, security, and privacy processes, communicate to customers, and be able to drive innovative process changes through multiple organizations and teams. Key job responsibilities: Understand and rationalize compliance requirements for service and device security. Provide business-specific interpretations and support automation opportunities Review security controls that are technical in nature, such as access controls, data encryption in transit and at rest, and auditing and logging user activity Engage with the Business and SMEs to ensure compliance with information security policies Liaise with auditors, articulate control implementation and impact, and establish considerations for applying security, privacy, and compliance concepts to a technical cloud environment Maintain control libraries and compliance requirements and guidance materials for various security standards and regulations Experienced in reporting metrics, timelines, and effective project management skills. Provides input to privacy, disclosure, and confidentially guidelines. Assists in the implementation of processes and procedures for compliance reporting and metrics activities. Researches best practices and innovative approaches to enable assessment and communication of compliance risk and metrics. Preferred Qualifications: 3-5 years of experience in security or compliance consulting or advisory work in support of a highly technical environment 3-5 years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g. China information security-related law and regulations, GBT, NIST, SOC1, ISO, or ISO) 3-5 years of experience designing, implementing, and/or running technical GRC solutions Master’s degree in Information Security, Computer Science, Risk Management, Data security with 5 years of experience, or equivalent Bachelor’s degree with 5 years of experience. Experience working directly with security engineers, auditors, and development teams Excellent English is written and verbal communication skills while engaging both technical and non-technical stakeholders

公司直招，非中介，工资有保障工作稳定，承诺不收取任何费用，任何费用均由公司承担报销，本公司常年招聘临时保安，长期保安，各种项目（小区，售楼处，工厂，工地，写字楼，地铁）等，均可根据个人形象意愿安排。 大型购物商场保安，日结200,公司免费提供吃住服装被褥，3天后日结，离职提前7天不扣任何费用正常离职工资一次性结清。 岗位：门岗（坐岗）主要负责 进出车辆 人员 管控  对外来人员 车辆 核实 登记  双人执勤 工作轻松 巡逻岗：对小区内部 乱停乱放车场管控及各个巡视点位打点 发现问题及时上报  2小时巡视一次   以上岗位均为长期工作，日结不享受公司提供的待遇。 要求：年龄 55周岁以下  身高 168以上 身体健康无疾病 月结工资6500月休4天，入职满1月公司提供五险一金。有工作照片和宿舍照片。

工作地点：昆明盘龙区 岗位职责：  1. 负责医院治安、确保人员和财产的安全；  2. 按照医院规定和操作流程，进行巡逻、检查、值班等工作，维护医院的正常秩序；  3. 及时发现和处理治安、消防安全隐患，避免事故发生；  4. 协助处理突发事件，保护现场，维护秩序，及时汇报上级领导；  5. 严格执行公司规章制度，维护公司形象；  6. 完成上级领导交办的其他工作任务。 任职要求：  1. 学历不限，年龄在 18-40 岁之间，身体健康；  2. 具备良好的沟通协调能力，服务意识强，责任心强；  3. 品行端正，无不良记录，有较强的团队协作精神；  4. 有保安工作经验者优先考虑；  5. 能适应夜班、轮班工作制。

岗位职责： · 用户帐户管理和用户访问权限管理； · 通过远程访问维护、支持和解决服务器、硬件、软件使用相关问题； · 支持服务器安全、杀毒、DLP等相关工作以保障服务器处于安全状态； · 处理来自终端用户的IT请求，如创建邮件组，文件夹的创建和访问管理，Office软件的使用和问题解决，创建共享邮箱等； · 配合公司IT部门一起管理服务中心的IT系统运作，确保稳定可靠运行； · 支持员工在OS, MS Office, Zoom等软件的使用。 任职资格： · 本科及以上学历，计算机专业优先，具有客户服务行业相关工作经验、技术支持相关经验者优先； · 有使用远程控制软件(如Workspace One, Teamviewer等）为用户解决终端安全问题经验； · 有解决终端安全软件问题相关经验，了解不同安全软件用途（如 Digital Guardian, Thycotic Application Control, Cylance PROTECT, Microsoft Defender等）； · 拥有微软活动目录知识及操作经验，会创建活动目录组以及管理用户； · 拥有良好的Office软件技能，会使用Excel基本函数； · 会使用主流的虚拟会议软件（如：Teams, Zoom），能够帮助用户解决软件链接和使用的问题； · 良好的中英文读写能力。需要使用英文和用户电话沟通并解决问题。

Task description/ Main tasks Ensure Information Security Management at RD Information Security KPI and Policies Security Awareness training Information Security Architect (ISA) ­-As the ISA , Consulting in the Data@Cloud (internal risk assessment for cloud hosting application) process -Prepare Security profile as requested for internet facing and cloud hosting applications -Join the regular Central and ***** ISA community meeting, contribute to the overall ISA goals and provide feedback to the ISA community. China Cyber Security Law -Understand the current China Cyber Security Law , Classified protection related regulations ­-Work closely with DGRC ISO and RD BISO and legal department for any update of the law and evaluate the necessary actions plan in order to compliance with the law. Security Assessment -***** Cyber Security Assessment (LCSA), followed the lead from RD Central office to conduct information security assessment and support to mitigate the findings. -Support in the Corporate Audit process ,and mitigate findings related with RD China -Governance on the RD Server room and run security check. ­ Experience ­ Minimum of 5 years work experience total ­ And minimum 2 years in Information Security or IT-Security relevant business areas (Business or IT) Specific Knowledge ­ Knowledge in Information Security Management, process or IT-Security ­ Respective certifications (e.g. CISSP, TPSSE, CCSP, CSSLP) are desired ­ Working experience with methodologies such as NISTxxx / ISO2700x. ­ Infrastructure knowledge of Windows and Linux OS, Network and cloud technology ­ Strong understanding of current technology trends, security best practices, and cyber security threats (e.g. DevSecOps, OWASP ****0). ­ Broad knowledge of information security tools, concepts, and techniques, such as endpoint protection, Firewall, IDS/IPS, VPN, Encryption Standard.. ­ Knowledge in Risk Analysis and Risk Management ­ High communication and presentation skills ­ Strong problem solving, analytical skills and organizational skills. ­ Fluent in spoken and written English

ZF’s IT security Team is looking for an IT security analyst, strengthening ZFs Shanghai based security operations center (SOC). The main responsible is: 1.Monitoring ZFs main security components like SIEM, NIDS, anti-virus / anti-malware and handling incidents detected by those components. 2.Analysis of alerts, their prioritization, the definition of solutions as well as tracking of the remediation of detected issues. Be one of international security team member, co-work with different location/region’s team and follow up on relevant security incidents and processes.

Responsibility: ? Responsible of Cybersecurity deployment and activities. ? Incident Response management coordination (analysis, action plan follow-up) ? Cybersecurity architecture: review of technical invariants, cybersecurity analysis for products developed or under developing (Threat Model analysis, architecture and technical solution definition, requirements analysis) ? SDL process deployment (interface with project stakeholders, contribution to Final Security review, deployment of methods and tools for projects. ? Participation to Cybersecurity community (SDL process, technical committee …) Qualifications: ? Software Engineer with at least 10 years of experience in Industrial products and industrial protocols, software architecture and Cybersecurity on Industrial products. ? Knowledge of Cybersecurity for Industrial products (IEC62443 …) and associate process (Secure Development Lifecycle …), ? Software architecture experience ? Cybersecurity of Industrial Products. ? Cybersecurity certifications are added value for the job (IEC62443, CSSLP, CISSP, CCSP). ? Organized, rigorous, diplomat and pedagogue, will collaborate in a multi-cultural environment to succeed in this position. ? A mastery of the English language is mandatory.

IT Security Analyst: 本科学历，计算机或信息管理相关专业，5年左右相关经验，口语流利（硬性要求，此岗位汇报对象为外籍上司） 岗位内容参考JD, 主要负责亚洲所有工厂/办事处的网络信息安全Policy的实施与应用。需使用安全相关工具，收集安全相关问题并协调解决，测试新的安全软件及技术等。熟悉相关网络协议，标准等。 主要职责/岗位职责 1、解决所有发生的安全事故，并寻找长期、全球性的解决方案。 2、领导或参与安全调查。 3、评估任何安全重新配置(次要或重大)的需求，并在下列情况下执行它们 必需的。 4、监控所有到位的安全解决方案，确保有效和适当的操作，包括审查记录所有在位设备的日志和报告，无论它们是否在直接控制下(即安全工具)(即工作站、服务器、网络设备、日志、安全服务等)。解释该活动的影响，并制定适当的解决方案。 5、推荐并测试新的安全软件或技术。 6、参与新安全解决方案的部署、集成和初始配置现有安全解决方案的任何增强符合标准的最佳操作程序。 7、与IT基础设施和业务应用紧密合作，确保信息的完全安全，计算机、网络和处理系统。 8、确保存储或传输数据的机密性、完整性和可用性到/从/通过企业工作站、服务器和其他系统以及数据库等，数据存储库。 9、参与漏洞评估、渗透测试和安全审计的执行。 10、管理网络、Web站点、公司内部网和电子邮件的连接安全性通信。 11、建议安排(在适当的地方)修复、安全补丁和灾难恢复程序和其他所需的措施。 12、创建和维护现有的和未来的安全基础设施的文件。 13、及时了解最新的安全警报和问题。 14、与供应商、外包商和承包商沟通，以获得或维护保护服务和产品。 学历/认证/资格/经验 1、计算机科学或其他相关专业本科以上学历；2、5年以上网络安全管理相关工作经验; 包括：a. 广域网安全最佳实践，包括防火墙管理和策略实施;b. 局域网安全的最佳实践，包括交换机管理和多层网络流量管理；c. 端点保护最佳实践。3、首选证书包括：信息安全培训：计算机安全+(或其他信息安全培训)、或认证信息安全经理(cism)、或认证信息系统安全专业人员(cissp)；ITIL。4、了解NIST安全框架和CIS控制。 5、在网络，路由和路由协议(BGP,OSPF,RIP)，交换，vlan，无线接入点配置，dmz和radius认证方面有丰富的经验。6、了解it基础设施操作和维护的最佳实践；7、至少5年的防火墙，Internet VPN远程实现，故障排除和问题解决经验；8、对当前的网络协议，操作系统和标准有较强的技术知识。 个人特质/技能和能力 1、 能够阅读和理解技术手册、程序文档和OEM指南。 2、 有组织和管理多个优先事项的能力 3、 工作积极主动，工作态度积极，注重细节 4、 良好的沟通能力(书面和口头)，人际关系，团队建设和组织能力。 5、 具备研究、解决和调查安全问题的能力。 6、 能够促进和参与以团队为导向的协作环境。 7、 较强的问题解决能力，分析方法和技术技能。 8、 自我激励和指导，有能力在高压力的环境中有效地优先处理和执行任务。 9、 快速的学习者。 10、 良好的英语口语和书写能力——英语是KDC在国际业务关系中使用的语言。

职位介绍： 安全合规专员负责与技术和数字团队合作，结合业务战略目标，实施安全准则，以保护信息资源机密性、完整性和可用性。该岗位需在网络安全策略与标准、网络安全合规和漏洞管理领域开展工作，执行内部合规检查与审核，及时跟进、报告不符合项。 工作内容： o 负责公司网络安全策略、规范、流程和标准的制定与维护，并推进落地 o 开展信息安全意识宣贯 o 负责定期开展SOX内部检查 o 带领各团队准备SOX外部审计并通过 o 准备整理PCI DSS审核材料并配合外部审核员进行PCI审核 o 负责在GRC系统中跟踪安全不符合项，推进整改措施的进行，确保不符合项能及时得到整改 o 负责网络安全等级保护的落地 o 负责推动公司各项其它内部或外部网络安全审计 o 负责整理防火墙变更申请并提交给国际部审阅 o 负责审阅系统灾备演练计划，组织各团队定期开展灾备演练，编写演练报告 o 负责定期编写各项安全报告 o 协助负责网络安全风险评估的推进 我们希望您： o 具备计算机科学学士学位或同等学历，具有信息系统管理或相关专业的信息安全认证（CISSP or CISA） o 具备三年以上信息安全相关经验， 一年以上信息安全审计与/或合规验证相关经验 o 具备信息安全相关的法律法规知识，熟识中国网安法、网络安全等级保护、Sarbanes-Oxley法案、PCI和隐私法 o 拥有良好的英语书面和口头交流能力，包括演示、技术报告和提案的能力 o 对信息安全领域具备高度热情，能持续跟进该领域的发展与趋势及研究方向 o 具有强大的人际交往能力及感染力

● 任职要求 主要职责/职责 解决所有发生的安全事件，并寻求长期、全球性的解决方案。 领导或参与安全调查。 评估任何安全重新配置的需求（轻微或重大），并在需要时执行。 监控所有就地安全解决方案以实现高效和适当的操作，包括审查所有就地设备的日志和报告，无论这些设备是否处于直接控制之下（即安全工具）（即工作站、服务器、网络设备、日志、安全服务等）。解释该活动的影响，并制定适当的解决方案。 推荐和测试新的安全软件和/或技术。 根据标准操作程序，参与新安全解决方案的部署、集成和初始配置，以及对现有安全解决方案进行的任何增强。 与IT基础架构和业务应用程序密切合作，以充分保护信息、计算机、网络和处理系统的安全。 确保驻留在企业工作站、服务器和其他系统以及数据库和其他数据存储库中的数据的机密性、完整性和可用性。 参与漏洞评估、渗透测试和安全审计的执行。 管理网络、网站、公司内部网和电子邮件通信的连接安全性。 建议、安排（在适当的情况下）修复程序、安全补丁程序、灾难恢复过程和任何其他所需措施。 创建和维护现有和未来安全基础设施的文档。 及时了解新出现的安全警报和问题。 与供应商、外包商和承包商互动，以获得或维护保护服务和产品。 个人属性/技能和能力 能够阅读和理解技术手册、程序文件和OEM指南。 能够组织和管理多个优先事项。 具有强烈的职业道德、积极的态度和对细节的强烈关注。 较强的沟通能力（书面和口头）、人际关系、团队建设和组织能力。 能够研究、排除和调查安全问题。 能够在以团队为导向的协作环境中推广和参与。 较强的问题解决能力、分析方法和技术技能。 自我激励和指导，能够在高压环境中有效地确定任务的优先级和执行任务，快速学习。 英语口语和书面表达良好-英语是KDC集团用于国际商务关系的语言。 教育/认证/资格/经验 计算机科学或其他相关领域的学位 有相关网络安全管理相关工作经验， 包括 广域网安全做法，包括防火墙管理和策略实施 局域网安全实践，包括交换机管理和多层网络流量管理 端点保护实践。 了解NIST安全框架和CIS控制 在网络、路由和路由协议（BGP、OSPF、RIP）、交换、VLAN、无线接入点配置、DMZ和RADIUS认证方面有丰富的经验。 了解IT基础架构运营和维护方面的实践 需要有防火墙、Internet VPN远程实施、故障排除和问题解决经验 熟悉当前网络协议、操作系统和标准。

JOB RESPONSIBILITIES The main missions & responsibilities for the position are the following: Executes tests based on formal Test Procedures. Possesses advanced knowledge in the key principles and practices of Penetration Testing and Procedures. Like fuzz test, stress test, password cracking etc. Strategizes Test Scenarios and Execution of Penetration Tests. Works with project teams to explain the vulnerabilities. Creates and enhances Test Procedures and Methods. Bring security support to Business Unit projects on offer development through high level consultation post the test. Work closely with other Pen testers, project teams and SDL process teams to work on research, investigations, definition of SoP(standard operating Procedures), deployments, training, creating assets for efficiency in the cyber-security practices. Investigate potential 3rd party cyber security offer\tools (startup, etc.) to improve the global security level of our offers. Understand impact of various standards like IEC 62443 \ Data Privacy (US, GDPR…), IoT/Edge/cloud standard and regulation and make proposals for the improvement in our testing practices. Work with cyber security stakeholders (Schneider IT security team, BU teams, lawyer) on all the different aspect of IoT & Cloud security (network, server, secure application development, security operation …). Qualifications PREFERRED ACADEMIC QUALIFICATIONS AND EXPERIENCE • Bachelor's degree in Computer Science, Mathematics, Information Technology or equivalent work experience Certifications like OSCP, SANS GPEN, SANSGWAPT or any other industry accredited security certifications would be preferred · Understanding of at least three of the following: cryptography, fuzzing, hardware security, kernel hacking, and reverse engineering · Developing, extending, or modifying exploits, shellcode or exploit tools OT/IoT security assessments · Experience in reverse engineering

Duties & Responsibilities: 1.Assist in implementing and operating various security solutions, including SIEM, EDR, and vulnerability management tools. 2.Collaborate with DevOps, IT, and Business teams to ensure alignment with and support for our security vision and objectives. 3.Evaluate current cybersecurity processes and recommend improvements, ensuring the highest cybersecurity standards against external and internal threats, fraud, or theft. 4.Support IT and Security Audit including providing necessary evidence for audit processes. 5.Monitor and analyze security events to detect, investigate, and respond to potential security issues. Requirements: 1.Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Business Administration, or a related field. 2.Strong communication skills with the ability to collaborate effectively with stakeholders in both English and Chinese. 3.Knowledge of information security services and products, including but not limited to Firewalls, IDS/IPS, DLP, VPNs, DDOS Protection, WAF, Vulnerability Assessments, EDR, SIEM, SOC Operation, are desirable. 4.Experience in threat and vulnerability assessment, penetration testing and/or forensic analysis will be advantages.