该职位来源于猎聘 Job Duties
整体负责苏州和上海地区的信息安全、系统建设、跨国协作及合规要求等。 负责信息安全体系建设: 设计并实施中国区信息安全管理框架,确保符合GDPR、中国《网络安全法》及企业全球安全政策; 主导网络安全防护(防火墙/IDS/IPS)、数据防泄漏(DLP)、终端安全管理及应急响应机制,定期执行安全审计与风险评估,确保跨境数据传输合法合规; IT基础设施搭建与运维:主导企业内网架构设计、私有云/混合云部署及高可用系统建设; 管理Office 365全栈应用(Exchange Online/Teams/SharePoint/Intune等),优化协作效率; 建标准化运维流程,管理7×24小时系统监控、灾备恢复及服务水平协议(SLA); 跨国协作与合规管理,对接不同国家、地区IT团队,确保跨国系统兼容性;及数据同步安全性,应对外部合规审计,编制区域性IT政策文档; 为业务部门提供技术决策支持,推动数字化变革项目; 公司安排的其它任务; Oversee information security, system construction, cross-border collaboration, and compliance requirements in the Suzhou and Shanghai regions. Responsible for establishing the information security framework: Design and implement the information security management framework for the China region, ensuring compliance with GDPR, China's Cybersecurity Law, and corporate global security policies. Lead cybersecurity protection (firewall/IDS/IPS), data leakage prevention (DLP), endpoint security management, and emergency response mechanisms.
Conduct regular security audits and risk assessments to ensure cross-border data transfers are lawful and compliant. IT Infrastructure Construction and Operations: Lead enterprise intranet architecture design, private/hybrid cloud deployment, and high-availability system development. Manage the full suite of Office 365 applications (Exchange Online/Teams/SharePoint/Intune, etc.) to optimize collaboration efficiency. Establish standardized operation processes and manage 7×24 system monitoring, disaster recovery, and Service Level Agreements (SLA). Cross-border Collaboration and Compliance Management: Liaise with Global IT teams to ensure multinational system compatibility and data synchronization security. Address external compliance audits and develop regional IT policy documentation. Provide technical decision support to business departments and drive digital transformation initiatives. Other duties as assigned by the company. Qualifications: 1.全日制统招本科及以上,计算机科学、信息安全或相关专业优先; 2.8年以上IT管理经验,其中5年以上外企IT管理经历; 3.成功主导过跨国企业级系统部署(网络/安全/云架构); 4.精通Office 365生态及Azure AD身份管理体系; 5.深度理解中欧数据法规差异,具备跨境数据流方案设计经验,具备大型内网建设经验(覆盖多分支机构/数据中心); 6.有CISSP/CISM/PMP/ITIL/Microsoft认证解决方案认证优先; 7.能平衡战略规划与实操落地,在资源受限时提供创新解法; 8.有较强的合规与风险意识,英语可作为工作语言。 Full-time bachelor's degree or above in Computer Science, Information Security, or related fields (preferred). Minimum 8 years in IT management, with at least 5 years in multinational enterprises. Proven track record in letting enterprise-level system deployments (network/security/cloud architecture) for global organizations. Proficient in Office 365 ecosystem (Exchange Online/Teams/SharePoint/Intune) and Azure AD identity management. Compliance & Infrastructure: Thorough understanding of China-EU data regulation disparities (e.g., GDPR vs. CSL). Hands-on experience in designing cross-border data flow solutions and building large-scale intranets (multi-branch/data center coverage). Certifications (Preferred): CISSP/CISM/PMP/ITIL/Microsoft Certified Solutions Expert. Ability to balance strategic planning with hands-on execution, delivering innovative approaches under resource constraints. Risk Awarenes: Strong compliance and risk management mindset. & Language:Business-fluent English (written and verbal).