Job Description
The Third-Party (TP) risk reviewer performs risk assessments, reviews security policies and procedures, and conducts in-depth examinations of the TP's technical infrastructure, systems, and networks.
· Assess the effectiveness of security controls, such as access controls, encryption, incident response procedures, and disaster recovery plans.
· The Third-Party risk reviewer also evaluates the organization's compliance with relevant laws, regulations, and industry standards to ensure adherence and mitigate legal and regulatory risks.
· Provide detailed audit reports, communicate findings to the TP, and work collaboratively with the TP and the TP engagement manager (TPEM) to provide corrective remediation actions for gaps in the assessment report and determine whether the TP can ultimately onboard and sign the service contract.
Roles and Responsibilities
· The Third-Party risk reviewer is responsible for assessing and evaluating the information security controls, policies and procedures of third parties and suppliers ("TP"). Their responsibility is to ensure that the TP's information assets are adequately protected and aligned with industry standards, regulations and best practices. A third-party risk reviewer conducts a comprehensive audit to identify deficiencies, gaps and weaknesses in the TP security framework and provides recommendations for improvement.
Skills Required
· Excellent written and verbal English communication skills; able to work with various levels in the organization.
· Familiar with computer network technology.
· Familiar with cyber security frameworks, such as the NIST Cybersecurity Framework.
· Familiar with ISO 27001 / ISMS, and familiar with information security risk assessment frameworks.
· Familiar with security practices and controls against specific requirements, such as SOC 2, PCI DSS, GDPR, Information Security Classified Protection Standard (等保).
· Judge relevant materials and evidence with an objective and unbiased attitude.
· Ability to make timely and efficient decisions.
· Security certifications such as CISA, CISSP, or ISO 27001 auditor are preferred.
Foshan - Nanhai