返回查询:IT Risk / 上海

THE ROLE
This role will work as Senior role to support IT Risk and Compliance lead (China & APAC) in Information Security areas, and to effectively collaborate with stakeholders to develop policies/processes, identify issues and risks, suggesting risk remediation strategies and driving towards compliance.

Responsibilities

  • Develop and maintain Tesla Information Security policies, frameworks, guidance and metrics based on internal, domestic and industrial information security regulations and standards, such as ISO27001, ISO27701, NIST, etc.
  • Collaborate with Product owners, Engineers, and Business process owners, and system owners to ensure security process are well established and followed.
  • Support in cyber compliance programs including China Cybersecurity Law (CSL), China Data Security Law (DSL) and Personal Information Protection Law (PIPL) compliance.
  • Assist in IT Governance, Risk and Compliance team in documenting and reporting control deficiencies upon discussion with business owners, Internal Auditors and collaborate with business owners regarding recommendations to address the root cause of issues and report support implementation of management remedial actions.

Requirements
Must Qualifications

  • Ability to conduct regulation research, interpretation, compliance assessment, root cause analysis, risk identification, working paper preparation and can handle internal reporting within the team or working level stakeholders independently.
  • 5 to 7 years of Information Security working experience in house or from consultancy/accounting firm, with hands-on experience in any two areas mentioned bellows:
  • Cybersecurity Law (CSL) compliance
  • Data Security/Protection Law compliance
  • ISMS/ISO 27001 implementation and operation
  • Graduates from 985, 211 universities or oversea universities, with at least Bachelor's degree in Computer Science, Information System management, or equivalent majors.
  • Working efficiency in English and Chinese (both speaking and written).
  • Good communicator and able to articulate requirements and expectations.
  • Collaborative in nature, result oriented, and highly self-motivated to bring task forward with a quality delivery.

Preferred Qualifications

  • Oversea education or working experience
  • Experience in Personal Information Protection Law (PIPL) compliance and supplier security management
  • Experience in Automotive, Financial Industry (Insurance, leasing or loan)
  • Certification of CISA, CRISC, CISM, CISSP, CIPM

This job application may involve an interview with an interviewer outside of Tesla China. If you complete your application, you agree Tesla provides your application information to overseas interviewers in Tesla, Inc. for recruitment purposes. More details and contact information please see here. (here hyperlink: )

去原网站上申请