Job Description / Position Mission
The position of IT Governance & Security Teamlead is in the department of Corporate Quality, a cross-functional team that shares a passion for quality, security, new technologies including Artificial Intelligence, agile working methods and automobiles.
We are looking for critical loopholes and intrusion gateways into vehicle functions, and together with our partners we are also designing processes, technologies and architectures to secure and reliably operate the automotive world of the future.
Our Mission:
»Leading the evolution to the most secure and safe mobility products«
Main Responsibilities / Your Responsibilities:
1. Integrated Management System Governance
- Regarding ORL45, actively develop holistic Integrated Management System Frameworks like ISMS, CSMS, SUMS, AIMS and other management systems and integrate these in QMS on the corporate level in CARIAD China
- Implement, maintain and continuously improve the IMS to ensure compliance with the norm requirements and ensure the relevant certification.
- Policy development, business stakeholder alignment, risk management, and alignment with Volkswagen Group requirements (e.g. VCIC, CARIAD SE, VWAG)
- Manage overall budget planning, reporting, and resource allocation for IT security, governance operations and IT contracts / licenses
- 2nd Line Function for relevant Management Frameworks (incl. CISO function)
2. Strategic IT Leadership, IT Security
- Lead IT Steering for platforms, IT infrastructure services, central applications and additional centrally provided IT services
- Ensure IT Security Operations: Threat detection, vulnerability/patch management, secure baseline enforcement, including relevant tooling like SIEM, EDR, DLP
- Ensure compliance with internal and external requirements like MLPS, CSL, DSL, VDA ISA and local policies / regulations; resolve and track findings from previous audits / assessments
- Oversee Cloud IT Security: Governance, account management, container operations, and cloud-to-group handovers (e.g., VCIC)
3. Enterprise IT & ISMS Taskforce Leadership
- Lead the implementation of the “Region China OneIT” approach and steer the finalization of the project
- Mitigate risks from legacy systems and ensure seamless handover of Security Operations to central teams.
4. Team & Stakeholder Management
- Manage a hybrid team of internals and externals across IT Governance, IT Security/Compliance
- Collaborate with Group stakeholders (VCIC, VCTC, CARIAD SE, VWAG) and key stakeholders inside CARIAD (Finance, HR, Corporate Security, Internal Communication, business units)
- Coordinate a cross-department team with all QMCs within CARIAD CN to steer the QMS activities and align/collaborate with the QMCs of other entities in the region and group.
Technical key words:
CISO, IT Steering, IT Governance, Taskforce, IT Security, MLPS, CSL, ITIL, ISO 27001, VDA ISA, ISO42001, ISO9001
Job Requirements / Required Qualification:
Education:
Bachelor’s or Master’s in Computer Science, Information Security, or related field.
Certifications: CISSP/CISA, ISO 27001 Lead Auditor, ITIL, ISO9001 internal auditor
Work Experience:
7+ years in IT / information security & Cyber Security MS in VW Group environment and/or in Quality Management
Leadership experience incl. budgeting
Experience in automotive/manufacturing sectors
Experience in Quality Management in the automotive industry
Project lead experience
Knowledge, skills and abilities:
Expertise in Chinese regulations (MLPS, CSL, DSL) and global standards (ISO 27001 / ITIL); proficiency in IT service management and IT Security topics including tooling; understanding of QMS/ISO9001
Strong stakeholder management skills for cross-group collaboration.
English: Fluent spoken and written English, Chinese and/or German language is a plus