知名零售快消公司
IT Security Manager
零售批发
网络安全
上海
10年以上
本科
面议
职位描述
Multi-Cloud Security Leadership: Lead the design, implementation, and operation of multi-cloud security frameworks, encompassing architecture, baseline controls, DevSecOps practices, tooling, and automation.
Cloud Security Architecture & Governance: Partner with cyber and data security teams to develop and deploy cloud-native security solutions that enhance infrastructure and application protection.
Baseline Management: Establish and maintain secure OS and Kubernetes cloud baselines, ensuring regular compliance checks and remediation aligned with security standards.
Secure SDLC & DevSecOps Enablement: Champion DevSecOps culture by integrating group-level security tools into local application ecosystems. Oversee integration of SAST, DAST, SCA, and other security tools into engineering workflows.
Vulnerability Management: Ensure infrastructure vulnerabilities are continuously monitored and remediated in accordance with cybersecurity policies.
Incident Response & Collaboration: Act as a technical lead in infrastructure security, providing expert support during security incidents and collaborating across teams to safeguard business operations.
职位要求
Bachelor’s degree or higher in Information Technology or a related field.
10+ years of experience in infrastructure security operations and management, including 5+ years of hands-on Cloud Security governance.
Deep expertise in Docker and Kubernetes security configuration and hardening.
Solid understanding of cloud-native security architecture and hardening practices.
Familiarity with public cloud landing zones and deployment models.
Knowledge of security standards and compliance frameworks such as NIST, CIS, MLPS, and ISO27001.
Exceptional cross-functional collaboration skills, with the ability to balance priorities across technology, business, application, and cybersecurity teams.
Strong problem-solving abilities and leadership in high-pressure incident response scenarios.
Certifications such as CISSP, CCSP, Certified Kubernetes Security Specialist, or other cloud security credentials are a strong advantage.
咨询顾问
Shawn Cong
团队经理-IT & Cyber Security
分享