<Summary>
For every security standard and local authority, InfoSec and Cybersecurity are key elements at the governance level (e.g., the SEC requires registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance). Thus three core requirements are important for building successful InfoSec and Cybersecurity in a company:
1. Governance and Strategy (Core Management level and CISO level)
2. Tactical, Planning and Analysis (InfoSec level)
3. Technique and Operation (IT level)

In the InfoSec team, we'd need a member who understands both InfoSec and IT techniques. The difference between an InfoSec technician and an IT technician is that the InfoSec technician works from regulations/standards and is also familiar with IT technologies, so he/she is able to analyze and identify technology flaws. IT technicians focus on IT solutions (equipment, OS, front-end software, etc.).

<Essential Duties and Responsibilities>
1. Analyze systems, security controls, and event logs to detect nefarious activity within the company. Provide regular reports to the team on security incidents, risks, and the overall effectiveness of security measures.
2. Audit the company's security controls to ensure they work correctly; plan, document, and conduct complex audit assignments and projects.
3. Audit access throughout systems/applications and ensure access is at appropriate levels across the company.
4. Collaborate with and across teams and architects to ensure security compliance.
5. Work with multiple stakeholders (internal and external) to assess and identify security compliance gaps and propose technical and operational remediation solutions.
6. Contribute to the annual risk assessment and development of the audit plan for assigned businesses or corporate staff groups.
7. Develop skills for ISO committee members across teams. Conduct audit fieldwork in accordance with department and company standards.
8. Provide consulting services to internal teams, including all unit leaders and members.
Salary negotiable
(regular salary of NT$40,000 or above)
‧ BA/BS degree in MIS, business, finance, or a related field; or the equivalent in education and work experience.
‧ Certifications preferred (e.g., CISA, CISSP, CIA, CPA).
‧ Minimum 4-5 years of experience working as an IT auditor or IT risk adviser for a public accounting firm or within the industry.
‧ 7+ years of Information Technology experience.
‧ Ability to communicate effectively to technical and non-technical audiences, in both written and verbal formats.
‧ Knowledge and experience in performing audits of technology projects and programs (SDLC reviews).
‧ Experience auditing and evaluating infrastructure, cybersecurity risks/controls, and auditing operating systems.
‧ Prior experience focusing on information technology systems.
‧ Must be effective at communicating issues through written reports, verbal discussions, and presentations.
‧ Preparing written reports of completed audits and presenting results to Management.
‧ Working knowledge of internal control analyses and risk assessment methodologies.
‧ Strong organizational, communication, and interpersonal skills in order to work with all levels of management are required.
‧ Ability to work a flexible schedule during key business timelines.
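◆ Compensation
1. Performance bonuses paid twice a year
2. Gift vouchers for the Mid-Autumn Festival, the Dragon Boat Festival, and birthdays
◆ Insurance
1. Labor insurance
2. National health insurance
3. Free employee group insurance
4. Discounted self-paid insurance for dependents
◆ Leave
1. Two-day weekends
2. Annual leave more generous than the Labor Standards Act requires
◆ Subsidies
1. Wedding gift money
2. Childbirth gift money
3. Hospitalization and funeral condolence payments
4. Scholarships for employees' children
5. Sports and fitness subsidy
◆ Other
1. Company anniversary celebration and year-end banquet
2. Regular movie screenings and movie ticket giveaways
3. Regular department meals
4. Club activity subsidy
5. Free lunch (Bade)
6. Free motorcycle parking (Bade)

Step onto the international stage and build an extraordinary career: opportunities for business trips and training in Silicon Valley, California, USA, and in the Netherlands, exchanging ideas with the world's top R&D personnel.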