携程Senior Data Security Specialist (EU Compliance Focus)(MJ027388)
任职要求
* Bachelor’s degree in Information Technology, Computer Science, or a related field * Minimum of 5 years of experience in information security or data privacy, at least 2 years of experiences in audit or consulting service * Proven experience with PCI-DSS, GDPR and other data protection regulations or standards * Deep understanding of cloud infrastructure like AWS, Google Cloud * Strong communication and interpersonal skills, with the ability to interact effectively different functions of the organization * Sound project management skills * CIPP/E or equivalent privacy certification is preferred * Knowledge of NIS2, DSA, and EU Accessibility Act compliance is a plus
工作职责
* Maintain comprehensive compliance program for PCI-DSS * Conduct regular internal data security audit and oversee the implementation of corrective actions * Partner with Legal, Product and other teams in both group and local level to ensure GDPR compliance (e.g. Cookie, DSR, DPIA ) * Develop and enforce local security policies and procedures that in line with ISMS * Promote security awareness through training, workshops and internal communications * Support data security incident response and facilitate preventive measure to reduce the likelihood * Daily security support to business teams
1. Monitor and track global data security & compliance policies, analyze the requirements and impacts of policies on international cloud business, and work closely with headquarters to promote the certification of relevant policies and qualifications in the region or country to ensure business meet the compliance requirement; 2. Work closely with the regional business team to understand the customer compliance requirements, and coordinate with the headquarters to support; 3. Establish a routine communication mechanism with major national and regional compliance industry associations, and actively participate in the corresponding compliance activities and delivery of corresponding white papers; 4. Analyze global compliance updated policies, and share relevant compliance content for regional business teams and international staff; 5. Work as a project manager to conduct regional security & privacy compliance audits;
You will be a key member of Ant International’s product team to help achieve company’s global vision. You will plan and execute the development and integration of world-class payment capabilities to empowering Global markets. You will take ownership of the products to ensure optimal user experience, modularized mid-platform, security and compliant to regulations. Responsibilities: • Design the smart user growth product solution for different industries clients, timely and accurately grasp market demand, by extensively understanding clients 'evolving needs. • Develop short-term and long-term product plans, innovate interaction and scenarios, enhance user consumption and interaction experience. • Acquire a deep understanding of the demands of clients, identify product insights to uncover business opportunities, and advance integrations & partnerships. Be capable of efficiently upselling products through a keen understanding of customer requirements and market potential. • Align with business stakeholders to drive meaningful outcomes and ensure a cohesive user experience. • Manage cross-functional products and coordinate the delivery process of these products including roadmap creation, product design, deployment, monitoring, performance to scalability. • Work with external partners to ensure seamless integration of products and services.
• Ship features with PM & Engineering. Co‑own scenario goals; translate product requirements into scientific plans and productionized solutions that meet quality/latency/cost targets. • Model development & optimization. Design, fine‑tune, and evaluate models for LLM‑based authoring, summarization, reasoning, voice/chat, and personalization (e.g., SFT, alignment, prompt/tool use, safety filtering, multilingual & multimodal). • Data & evaluation at scale. Build/extend data pipelines for curation/labeling/feature stores; author offline eval harnesses; run online A/Bs and interleavings; define guardrails and success metrics; author scorecards and decision memos. • Production ML engineering. contribute to service code and configs; add monitoring, tracing, dashboards, and auto‑scaling; participate in on‑call and postmortems to improve live‑site reliability. • Responsible AI. Produce review artifacts, document mitigations for safety/privacy/fairness, support red‑teaming and sensitive‑use checks, and align with Microsoft’s Responsible AI Standard. • Collaboration & mentoring. Partner across PM/ENG/Design/CE/ORA/CELA; share methods and code, review PRs, improve reproducibility and documentation; mentor junior scientists.
THE ROLE This role will work as Senior role to support IT Risk and Compliance lead (China & APAC) in Information Security areas, and to effectively collaborate with stakeholders to develop policies/processes, identify issues and risks, suggesting risk remediation strategies and driving towards compliance. RESPONSIBILITIES • Develop and maintain Tesla Information Security policies, frameworks, guidance and metrics based on internal, domestic and industrial information security regulations and standards, such as ISO27001, ISO27701, NIST, etc. • Collaborate with Product owners, Engineers, and Business process owners, and system owners to ensure security process are well established and followed. • Support in cyber compliance programs including China Cybersecurity Law (CSL), China Data Security Law (DSL) and Personal Information Protection Law (PIPL) compliance. • Assist in IT Governance, Risk and Compliance team in documenting and reporting control deficiencies upon discussion with business owners, Internal Auditors and collaborate with business owners regarding recommendations to address the root cause of issues and report support implementation of management remedial actions.