滴滴Safety & Security Tech Expert(JR20260326009)
任职要求
1.有丰富的风险对抗和治理经验,能给团队带来行业洞…
工作职责
作为滴滴国际业务如下一个或多个垂类领域风险治理负责人,为安全水位和安全体验负责: 1)网络安全方向,为反入侵结果负责,覆盖基础设施安全、应用安全等。 2)数据安全方向,确保敏感数据得到有效防护,不发生泄漏或勒索等严重或高危事件。 3)身份安全方向,确保身份可信。机器流量应拦尽拦,设备可信、账户可信,防止因身份风险引入的爬虫或业务安全风险。 4)反爬,避免重要数据被恶意爬取。 5)业务安全方向,覆盖商户和商品风险治理、履约风险治理,营销安全、交易安全、资金安全等方向。 6)金融科技合规方向,熟悉海外监管政策和法律法规体系,有丰富的监管迎检和监管上报经验。 7)安全蓝军方向,以攻促防,负责网络安全、数据安全、业务安全等方向的防护能力体检和验收,补齐攻击者视野。 8)安全文化运营方向,有安全培训、SRC、安全专测和众测经验等。
完善国际化安全风险管理体系,推动持续改进; 与安全中台及区域团队紧密协作,组织安全风险扫描,监控并评估各地区、关键产品和流程的风险状况; 通过事故调查、复盘、测试等方式发现并跟踪改进机会; 主导安全内审及管理评审; 完善安全危机管理流程与机制,赋能区域危机管理团队,为危机预防提供指导; 主导分析与对标工作,将宏观战略转化为可快速落地的具体行动方案。
You will be responsible for creating security policies and processes for 13 countries around the globe. This entails market analysis, alignment with senior stakeholders, and multinational collaboration to generate insights guiding the effective design and implementation of policies ensuring user protection and trust on the platform. 1. Create and improve the procedures, rules, standards, and related products of IBG safety case handling. 2. Responsible for the creation and implementation of safety case classification, case judgment, control policy, and appeal standards. 3. Responsible for organizing public committees to continuously optimize rules and policy, creating fair, just, and transparent rules. 4. Conduct safety operation data analysis and case review regularly, and propose optimization plans.
1.安全策略设计与落地:针对海外市场的安全风险制定产品化治理策略。将抽象的安全策略转化为产品需求文档(PRD)、数据指标和技术实现方案。 2.产品规划与迭代:与算法、工程、数据科学团队合作,推动安全相关功能的设计与上线。持续优化安全工具和工作流,提高识别准确率与处置效率。 3.跨部门协作: 与海外政策(Policy)、法律(Legal)等团队合作,确保产品符合全球及本地法规与文化预期。与审核运营(Operations)团队对接,确保工具和策略在一线审核中可执行。 4.风险监测与效果评估:基于数据分析评估策略与产品的执行效果,发现漏洞并提出优化方案。追踪国际安全与合规趋势,预判潜在风险,提出前瞻性产品方案。 5.应急响应:在全球突发事件(如重大公共安全事件、跨境舆情、恶意攻击)中快速制定并推动安全策略调整。
1.Safety Strategy Architecture Develop the O2O safety governance blueprint for Brazil, building an intelligent risk management system that covers all delivery scenarios (prevention-response-disposal). Lead the localization innovation of safety products, driving the implementation of core technological modules such as biometric authentication, real-time risk mapping, and public-private safety collaborations. Establish a safety and health index system (TRUST Index) to drive multi-threaded collaboration across product, operations, and government affairs. 2.Ecosystem Protection Plan Build a rider safety empowerment system: from risk prevention to real-time intervention and event management, providing full-cycle protection. Create a joint defense mechanism for high-risk areas: collaborate with the Ministry of Transportation and Federal Police to establish a digital safety corridor. Design a merchant safety credit model: use data sharing to reduce systemic risks in offline transactions. 3.Crisis Management Leadership Establish a 24/7 intelligent emergency command center, ensuring rapid response and closure of major events within minutes. Build and nurture a localized security operations team, creating a ground support network across 12 key cities.