System Risk Control Analyst

We are seeking a highly skilled and experienced System Risk Control Specialist to join our Information Security team. The successful candidate will be responsible for overseeing the company's overall information security planning, establishing security management system processes, designing and implementing systems, conducting security assessments, and leading efforts to identify and mitigate security vulnerabilities. This role is crucial in ensuring the integrity, confidentiality, and availability of our information systems.Key ResponsibilitiesInformation Security Planning and ManagementDevelop and maintain comprehensive information security strategies and policies.Establish and oversee security management system processes to ensure robust protection of company data.Design and implement effective security systems to safeguard information assets.Security Assessments and Solutions ImplementationConduct thorough security assessments on systems, networks, and servers.Collaborate with relevant teams to implement recommended security solutions and track progress.Promote the execution of security measures and ensure compliance with industry standards.Vulnerability ManagementMonitor industry trends for security vulnerabilities and patch information.Assess risks associated with identified vulnerabilities and submit detailed risk reports.Proactively address and mitigate risks related to security facilities.Penetration Testing and Incident ResponsePerform penetration testing and identify potential system intrusions.Develop and manage alarms and trace analysis protocols.Implement measures to prevent and respond to security breaches.Team Leadership and DevelopmentLead the information security team, including personnel planning and guidance.Provide training and development opportunities to enhance team capabilities.Improve and maintain the team’s document knowledge reserves.RequirementsSystem security, computer application related major, more than 3 years of system security experienceFamiliar with Linux, Windows operating systems, WEB application servers and other related security policies and proceduresFamiliar with mainstream security tools and technologies, IDS/IPS, etc., and have practical experience in policy formulation and incident handlingFamiliar with web security attack and defense, system penetration testingHave a strong interest in vulnerability discovery and be familiar with common web vulnerability principles such as SQL injection, XSS, etc.Proven expertise in security assessment, vulnerability management, and penetration testing.Have strong language skills in Chinese/English#J-18808-Ljbffr