SecAudit, SME Compliance Manager
BASF
- Nanjing, Jiangsu
- Permanent
- Full-time
数字化将成为巴斯夫DNA的真正组成部分,创造令人兴奋的全新客户体验和业务增长,并提高流程效率。全球数字服务正在支持巴斯夫业务的数字化转型。我们的使命是推动巴斯夫的数字化转型,通过强大的敏捷文化,提供创新的、全球性的、高质量的数字化产品和服务。南京数字中心是我们为巴斯夫提供区域和全球解决方案的全球重要基地之一。在此职位上,您将专注于以下目标补救过程和程序设计:-定义并持续改进用于咨询、协调、跟踪和监控关键网络安全发现直至补救的整个过程-定义和操作用于处理关键红队/紫队/渗透测试活动输出的流程,以确保跟踪、上报和补救结果-设计并推进针对关键零日漏洞和关键漏洞的补救措施处理-自己的流程开发用于从事件中得出的关键网络安全发现-建立并加强流程,以识别,跟踪和报告网络安全合规性,以满足企业要求的适用法人实体,不受GD管理-根据经验教训创建补救过程修复咨询:-为关键补救活动设定战略方向,并担任流程经理的顾问,以实现所有补救流程的开发-支持产品团队、BU 和 IT 代表等运营团队通过提供有关谁需要做什么的指导来补救调查结果并接管协调角色-与漏洞和攻击性安全团队密切合作,整合关键的补救建议-作为产品,IT和基础架构团队的咨询机构,提供有关缓解策略和技术的咨询机构,以将安全修复集成到系统和软件开发生命周期中-充当产品系列、业务代表和安全流程之间的接口,并为修复活动提供咨询服务Main Tasks:
您将负责我们对“自我管理环境”的网络安全合规处理的日常执行您的部分活动将是报告关键指标,以了解实体如何遵守安全要求并查看流程的运行情况您将负责将新实体加入中小企业合规流程,并不断寻求改进和完善流程您将与第三方供应商联络,并建立/维持良好的工作关系作为我们CISO组织的一部分,您将与网络安全防御中心,网络安全治理以及我们的IT运营部门密切合作Digitalization will be a true part of BASF's DNA that creates new exciting customer experiences and business growth as well as drives efficiencies in processes. Global Digital Services is supporting BASF business in Digitalization transformation. Our mission is to drive forward the digital transformation of BASF, providing innovative, global and high-quality digital products and services through a strong agile culture. The Digital Hub Nanjing is one of our global key locations to deliver regional and global solutions for BASF.In this role, you will focus on the following objectivesRemediation process & procedure design:-Define & continuously improve the overall process used to consult, coordinate, track and monitor critical cyber security findings through to remediation-Define & operate the process used for handling output of critical red team / purple team / pen test activities to ensure tracking, escalation, and remediation of findings-Design and advance the handling of remediations for critical zero-day and critical vulnerabilities-Own process development used for critical cyber security findings coming out of incidents-Establish and enhance process to identify, track and report on cyber security compliance for corporate requirement applicable legal entities not managed by GD-Create remediation procedures based on lessons learnedRemediation consulting:-Set strategic direction for critical remediation activities and act as advisor to process managers to enable the development of all remediation processes-Support operational teams like product teams, BUs & IT representatives to remediate findings by providing guidance on what needs to be done by whom & take over the coordination role-Work closely with the vulnerability and offensive security teams to consolidate critical remediation recommendations-Act as consulting body to product, IT & infrastructure teams on mitigation strategies & techniques to integrate security remediation into the system & software development lifecycle-Act as an interface between the product families, business representatives and security processes & provide consulting services for remediation activitiesMain Tasks:
You will be responsible for the day-to-day execution of our Cyber Security compliance handling of “Self-Managed Environments”Part of your activities will be the reporting of Key Indicators to see how entities comply to the security requirements and to see how the process is running.You will be responsible for the onboarding of new entities to the SME compliance process and constantly seek to improve and mature the process.You will liaise with 3rd party vendors and establish/maintain good working relationships.As part of our CISO Organization you will closely work together with the Cyber Security Defense Center, Cyber Security Governance as well as our IT operations unit.您已取得与学科相关的学位(商业)信息学或通过多年的相关专业经验和进一步培训获得的同等知识和技能您在合规评估或其他相关网络安全领域至少有 3-5 年的经验您必备技能/知识:您可以在跨国/全球团队中独立工作,并带来结构化,分析,以质量为中心的方法您已完成与学科相关的大学/技术学院学位(商业)信息学或通过多年的相关专业经验和进一步培训获得的同等知识和技能公认的认证证明,如CISSP,CISM,CRISC,CISA或其他将是一个加分项信息安全管理实践和相关规范和标准的知识您具备出色的沟通技巧,能够与巴斯夫整个组织的利益相关者保持一致并进行沟通出色的英语语言能力希望您拥有:公认的认证证明,如CISSP,CISM,CRISC,CISA或其他将是一个加分项You have completed a subject-related university/technical college degree in (business) informatics or equivalent knowledge and skills acquired through many years of relevant professional experience and further training.You have a minimum of 3-5 years' experience in compliance assessments or other relevant cyber security fieldsMandatoryYou can work independently in a multinational / global team and bring a structured, analytical, quality-focused approach with youYou have completed a subject-related university/technical college degree in (business) informatics or equivalent knowledge and skills acquired through many years of relevant professional experience and further training.Proof of recognized certifications such as CISSP, CISM, CRISC, CISA or others would be a plus.Practice in information security management and knowledge of relevant norms and standards.You have great communications skills to align and communicate with stakeholders throughout BASF's organization.Outstanding language skills in EnglishNice to haveProof of recognized certifications such as CISSP, CISM, CRISC, CISA or others would be a plus.巴斯夫中国数字化中心于2020年在南京成立。作为全球数字中心的重要部分,中国中心正在迅速发展中,未来将会有更多岗位开放。巴斯夫专注于数字化和创新的IT解决方案,以增强巴斯夫在中国的IT化和专业化,为巴斯夫带来了一支全方位的数字化人才团队,在中国独特的数字化环境中创造解决方案。中心还为湛江一体化基地等大型项目的智能制造做出贡献。在巴斯夫,我们为可持续发展的未来,创造化学新作用。我们将经济成功与环境保护相结合。我们肩负社会责任。巴斯夫集团超过110,000名员工为巴斯夫的成功做出了贡献。我们的客户遍布世界上几乎所有行业和几乎每个国家。我们的产品组合分为六个部分:化学品,材料,工业解决方案,表面活性剂,营养与护理以及农业解决方案。巴斯夫2020 年销售额为 590 亿欧元。更多信息请见 www.basf.com。Digital Hub China was founded in 2020 in Nanjing. As part of the Global Digital Hub Verbund, the hub is rapidly growing with a target of a three-digit number of employees in coming years. Focused on digitalization and innovative IT solutions to enhance BASF's IT portfolio and expertise in China, it brings an all-around capable team of digital talents to create solutions in the context of China's unique digital landscape to BASF. It also contributes to the smart manufacturing endeavors for the new mega project in Zhanjiang.At BASF, we create chemistry for a sustainable future. We combine economic success with environmental protection and social responsibility. More than 110,000 employees in the BASF Group contribute to the success of our customers in nearly all sectors and almost every country in the world. Our portfolio is organized into six segments: Chemicals, Materials, Industrial Solutions, Surface Technologies, Nutrition & Care and Agricultural Solutions. BASF generated sales of €59 billion in 2020. Further information at www.basf.com.BASF Asia-Pacific Service Center is based in Malaysia, we may reach you via Malaysia phone number.请时刻警惕任何可能的招聘欺诈行为!请注意,巴斯夫绝不会在任何情况下向候选人以任何形式收取任何费用。Stay alert for possible recruitment fraud!
This can include fake websites, fake job offers, or contact from a person falsely claiming to represent BASF.
Remember, neither BASF nor our representatives will ever request money from a job candidate.
If you suspect recruitment fraud and BASF is mentioned, first get in touch with at BASF.A unique total offer: you@BASFAt BASF you get more than just compensation. Our total offer includes a wide range of elements you need to be your best in every stage of your life. That's what we call you@BASF. Click here to learn more.A unique total offer: you@BASFAt BASF you get more than just compensation. Our total offer includes a wide range of elements you need to be your best in every stage of your life. That's what we call you@BASF. Click here to learn more.Working at BASF: We connect to create chemistryWe are proud of strong history of innovation, which has helped make us who we are today – the world's leading chemical company. Every day, our global team of over 120,000 individuals work together to turn visions for sustainable solutions into reality by connecting with one another and sharing our knowledge.The right people are crucial for our sustainable success. We aim to form the best team by bringing together people with unique backgrounds, experiences and points of view. Our differences make us stronger and more vibrant. And an open, creative and supportive work environment inspires us to achieve exceptional results.About BASFFind out what BASF has to offer as an employer and why you should join our team.Your applicationHere you find anything you need to know about your application and the application process.Contact usYou have questions about your application or on how to apply in Europe? The BASF Talent Acquisition Europe team is glad to assist you.Please note that we do not return paper applications including folders. Please submit copies only and no original documents.For BASF, diversity is one of the essential keys to business success and the well-being of our employees. We promote an inclusive culture that accepts the diversity of people, experiences and capabilities. By embracing talents and abilities of all kinds, we aim to boost creativity and motivation, and enhance our teams’ performance.Join the team and connect with more than 117,000 other minds.NANJING,CN,210000BASF Asia PacificDigitalizationExperienced189803ATS_TALEO_APAC