信息安全官
Shanghai, CN
岗位职责要求 Roles & Responsibilities
1. 负责实施和监督安联中国控股和子公司的整体信息安全项目,包括定期向管理委员会、审计委员会和高级管理层报告信息安全状况。
Responsible and accountable for implementing and monitoring the formal Information Security Program for AZCH and its subsidiaries including periodic reports on the state of Information Security to the Board of Management, the Audit Committee and Senior Management.
2.根据监管机构和安联集团对于信息安全的政策要求(包括网络风险框架和技术风险管理框架),在安联集团“一个中国”的总体方针下,为安联中国控股和子公司制定信息安全战略、风险偏好、框架,并推动实施。
Develop and implement the information security strategy, risk appetite, and framework for AZCH and its subsidiaries under the "One China" strategy of Allianz Group, in compliance with regulatory and Group requirements (including Cyber Risk Framework and Technology Risk Management Framework).
3.建立“一个中国”方针下及安联中国控股自身的信息安全保护政策和行动计划,提出持续改进意见,以确保政策的有效性和可实施性;与子公司就相关战略和日常工作进行合作,确保行动计划的有效执行。
Establish information security protection policies and action plans under the "One China" strategy and for AZCH itself, providing continuous improvement suggestions to ensure policy effectiveness and implementation. Collaborate with subsidiaries to ensure the effective execution of action plans.
4.负责定期审查和不断更新安联中国控股和子公司的信息安全风险评估,识别和分析信息安全风险,开发信息安全相关管理流程,评估新兴技术在业务环境中对信息安全的影响,制定和调整处置措施、业务活动的优先次序。
Responsible for reviewing and updating the Information Security (IS) Risk Assessment for AZCH and its subsidiaries. Identify and analyze information security risks, develop related management processes, evaluate the impact of emerging technologies on information security, and prioritize mitigation measures and business activities.
5.监控和维护信息系统的机密性、完整性和可用性,及时发现并有效处置信息安全危机事件。
Monitor and maintain the confidentiality, integrity, and availability of information systems, promptly identifying and resolving information security incidents.
6.推动公司信息安全文化、意识和组织变革,组织相关培训,确保员工和管理层了解信息安全要求,并在日常运营中采取积极行动。
Promote a culture of information security awareness and organizational change, organizing training to ensure employees and management understand and adhere to information security requirements in daily operations.
7.执行和监控信息安全的相关控制措施,确保公司符合中国信息安全、数据保护的法律法规、监管要求、安联集团政策及公司规定,如发现重大风险,及时向中国管理层、亚太信息安全官报告。
Execute and monitor information security control measures to ensure compliance with Chinese laws, regulations, regulatory requirements, Allianz Group policies, and company rules. Report significant risks to China management and the AZAP Chief Information Security Officer (CISO) promptly.
8.与安联中国控股信息技术运营、风险管理、法律合规部门合作,监督信息安全项目的执行。
Collaborate with AZCH IT operations, risk management, and legal compliance departments to oversee the execution of information security projects.
9.根据要求,完成公司及上级交办的其他工作。
Perform other tasks assigned by the company or superiors.
岗位任职要求 Job Requirements
1.大学本科及以上学历,信息安全、计算机科学、或者信息技术相关专业
Bachelor's degree or above in Information Security, Computer Science, Information Technology, or related fields.
2.8年以上大型金融公司信息安全及信息技术工作经验
Minimum of 8 years’ experience in information security and IT within large financial institutions.
3.精通金融行业信息安全相关专业知识技能、主流的信息安全管理框架、数据加密,应用系统安全测试等
Proficient in financial industry information security knowledge and skills, mainstream information security management frameworks, data encryption, application system security testing, etc.
4.熟悉保险行业信息安全相关法律法规和监管规定
Familiar with insurance industry information security laws, regulations, and regulatory requirements.
5.流利的中英文口头和书面表达
Fluent in both written and spoken English and Chinese.
Allianz Group is one of the most trusted insurance and asset management companies in the world. Caring for our employees, their ambitions, dreams and challenges, is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us.
We at Allianz believe in a diverse and inclusive workforce and are proud to be an equal opportunity employer. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in.
We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.
Great to have you on board. Let's care for tomorrow.
Note: Diversity of minds is an integral part of Allianz’ company culture. One means to achieve diverse teams is a regular rotation of Allianz Executive employees across functions, Allianz entities and geographies. Therefore, the company encourages its employees to have motivation in gaining varied skills from different positions and to collect experiences from across Allianz Group.