ISMS security expert

 <微软环境管理/ Microsoft Environment Management - ISMS security expert >             

部门/Department: C|TN-3            地点/Location: Beijing (CN_BJ)          

工作经验/Applicant experience level: experienced

岗位描述/Department Mission

• Deploying and managing CARIAD China business IT environment;
• Managing information security environment. Prevent any risks from system vulnerability, data loss, and cyber attacks. Design and implement security policies to protect digital assets from theft.
• Ensure all service systems are maintained and optimized, in particular in the area of Microsoft environment and backup solutions, and follow all required regulations and standards (both internal and external);
• He manages overall infrastructure service to fulfill the requirements of IT projects such as capacity planning, hardware estimation, service implementation, and more.
• Managing and maintaining Active Directory, Exchange Server 2019, and related systems such as password management systems, federation services, audit services, etc. in the CARIAD China environment, as well as monitoring daily service health status and proactively handling related issues.
• Managed the MDM system and the related security management system in the CARIAD environment, as well as the Azure AD system. Specifically for the good status of the user's Macbook system.

主要职责/Your Responsibilities :

Responsible for the company's operation of Microsoft products and information security environment.

• Experience performing security and vulnerability assessments using modern scanning tools, including OS, network, and web application scanning, and providing detailed reports to aid in remediation efforts
• Assists in technical and forensic investigations in response to threats and incidents, and participates in the development and implementation of solutions to mitigate and/or eliminate risk
• Identifies and report recognized or potential Information Security threats and other Information Security issues
• Provide expertise in the areas of IT security (active support in the choice of tool and in their implementation
• Familiarity with workstation, application & database server scanning tools
• Technical knowledge in routing, firewall policy, Anti-Distributed Denial of Service (Anti-DDoS), Web Application Firewall (WAF), Intrusion Prevention System (IPS), Security Information and Event Management (SIEM), secure credential management, virtualization, service oriented architecture, development practices, operational practices, micro services architecture and database design
• Examine and research modern digital technologies and AI-driven attacks and protection skills.
• Ensure optimal technical design based on concepts, implementation, and maintenance, as well as continuous improvement processes to keep the architecture up-to-date;
• Responsible for managing and improving the integration of various technical existing and newly implemented platforms;
• Ensure proper capacity management & lifecycle management to have transparent management and to plan and act in advance to avoid any technical issues;
• Regularly check the system's health and performance and immediately perform actions to resolve any issues.
• Collaborate with other IT teams to integrate systems with third-party applications and services, ensuring seamless operation and service agreement.
• Played as a project leader to manage service portfolio from design, engagement, deployment, and release to end users.
• Document system configurations, processes, and procedures for knowledge-sharing and training.
• Develop, implement, and manage comprehensive information security programs, policies, and procedures to protect the organization's digital assets and ensure compliance with relevant regulations and standards.

岗位要求/Required Qualification:

Education background

Bachelor's degree or Master's degree in Computer Science or related.

Working experiences

• 8+ years’ experience in Microsoft environment administration.
• Experience in the Automotive Industry – Preferred.
• Strong written and oral communication skills in English

Technical / Professional skills

• Provide technical support and troubleshooting for information security and compliance issues, diagnosing and resolving problems promptly to ensure a secure and compliant environment.
• Monitor security events and incidents, conducting thorough investigations to determine the root cause, impact, and appropriate mitigation measures. Respond to security incidents promptly and effectively.
• Implement and maintain security tools, technologies, and solutions, such as firewalls, intrusion detection/prevention systems, antivirus software, and encryption tools, to defend against cyber threats.
• Manage access controls, including user provisioning, role-based access control, and privilege management, using tools like Active Directory and identity management solutions.
• Rich experience in Data Center Management. Strong knowledge of modern Servers/Blade enclosure/SAN technologies like Dell/HP/EMC;
• Rich experience in virtualization systems. Good knowledge of VMware vCenter, vSphere ESXi or VDI, and Microsoft Hyper-V;
• Experience in Hyper-Converged Infrastructure (Nutanix, etc.)- Preferred
• Design, deploy, and manage Microsoft-based systems, including Windows Server, Active Directory, Exchange Server, SharePoint, and Relevant certifications (e.g., MCSE, MCSA, MCITP) are a plus.
• Designed, deployed, and managed Linux-based systems, including Redhat Linux, CentOS, Ubuntu, SUSE, and open-source applications like LAMP, Zabbix, etc. RHCE/RHCA certificate is a plus. (Optional but preferred)
• Good knowledge of Office365/Azure and other cloud platform technologies;
• Rich experience with PowerShell or Python scripting to optimize system management and optimization. Any production tools in the past working environment are proven;
• Implement and enforce security measures such as user access control, data encryption, and vulnerability management to safeguard company data and assets, maintaining compliance with industry regulations (e.g., GDPR, SOX, ISO27000).
• Industry experience with modern ITSM environment, more than three years with popular ITSM platforms (e.g., ServiceNow). ITIL certificate is a plus.