阿里巴巴LAZADA-Cyber security architect-安全架构师
任职要求
1. 10年以上安全相关工作经验,具备互联网公司平台型安全建设经验优先; 2. 具备国际安全架构设计、产品输出或跨境合规项目经验,熟悉至少一个区域的法规与合规体系(如欧盟、东南亚、MENA、拉美等); 3. 熟悉身份访问、数据安全、DDoS、WAF、API安全、终端防护等关键安全模块的架构与落地; 4. 具备全球视野与中英文工作沟通能力,能驱动跨国团队协作及项目管理; 5. 对国内安全技术生态有深入理解,同时有将其解耦、模块化输出到海外环境的能力; 6. 较强的组织协调与推动力,能够在复杂组织中联合多方资源达成目标。 1. 10+ years in cybersecurity or platform security roles; experience in large-scale internet or cloud-native businesses preferred; 2. Practical experience with at least one overseas market’s security or compliance requirements (e.g., EU, SEA, MENA, LATAM); 3. Strong architecture knowledge in key areas: IAM, DDoS mitigation, API/WAF security, data encryption, EDR; 4. Fluent in both Chinese and English; effective cross-border communicator and stakeholder driver; 5. Deep understanding of the Chinese security ecosystem and how to decouple/internalize capabilities for export; 6. Strong organizational and project leadership skills, with proven ability to deliver outcomes across multi-team setups.
工作职责
1. 安全战略落地与能力迁移 ○ 基于集团已确立的国际化安全战略,协助制定落地路线图; ○ 协同阿里控股安全团队将国内成熟的基础安全平台能力(如办公安全、生产安全、数据安全等)迁移至国际业务场景,实现“能力出海”。 2. 全球基础安全体系建设 ○ 搭建适配海外市场的基础安全体系,包括访问控制、数据保护、日志审计、威胁监测等; ○ 支撑 Lazada、AliExpress、Miravia等多区域业务的安全能力统一与差异化融合。 3. 产品与平台国际化适配 ○ 推动已有安全能力的国际化重构与组件解耦(语言、部署、合规、接口标准等); ○ 指导控股安全平台产品形成海外通用输出形态,如SaaS化/轻代理/API服务化等。 4. 合规与数据主权落地 ○ 结合各区域法规要求(如GDPR、PDPA、拉美数据法等),推动策略制定与落地执行; ○ 支持数据本地化、跨境流转审计、国际隐私保护机制建设。 5. 全球安全运营能力建设 ○ 协同安全运营团队搭建覆盖多时区、多语言的全球运营体系(轻量SOC、安全工单系统等); ○ 搭建全球威胁情报适配与协同机制,支撑本地事件响应能力。 6. 跨团队协作与团队建设 ○ 与平台(集团安全产技)、业务、安全技术、安全合规、法律、海外运营等团队紧密协作; ○ 参与相关人才梯队建设,为国际安全团队注入全球化能力。 Strategic Execution & Capability Reuse ● Translate group-level global security strategies into actionable execution plans; ● Drive the migration, adaptation, and productization of Alibaba’s core security capabilities (Cloud Infrastrcure, Application and Data Security, etc.) for international business use. Global Security Infrastructure & Architecture ● Build baseline security architectures across markets, including access management, data protection, audit/logging, and threat detection; ● Support regional business security unification while respecting localized needs. Internationalization of Security Products ● Lead internationalization efforts for internal security tools: multi-language support, local deployment architecture, and regional compliance standards; ● Deliver modular, API-driven, and SaaS-compatible security components for overseas platforms. Compliance & Data Sovereignty ● Design and enforce compliance frameworks aligning with GDPR, PDPA, CCPA, and other regional data privacy regulations; ● Support data localization, cross-border flow auditing, and international privacy mechanism design. Security Operations & Threat Response ● Co-build regionalized security operations capabilities (SOC-lite models, incident response playbooks, multilingual ticketing systems); ● Establish globally coordinated threat intel and response mechanisms. Cross-Team & Talent Development ● Work closely with security engineering, platform, legal, compliance, and international operations teams; ● Mentor or hire security professionals with international capabilities and build the foundation of a globally distributed team.
1. Technical Strategy & Architecture: Own the overall technical architecture design, technology selection, and evolution plan for the Web3 wallet APP. Develop and execute a long-term technical roadmap; 2. 0-to-1 Product Development: Lead the entire development lifecycle of the wallet APP, including requirements analysis, system design, development, testing, launch, and continuous iteration, ensuring high-quality project delivery; 3. Blockchain Integration & Innovation:Possess deep expertise in interacting with multiple public chains, responsible for integrating and managing blockchain nodes, and optimizing on-chain transaction speed and success rates.Have an in-depth understanding of the technical details of interacting with DeFi protocols, including smart contract invocation, signing, Gas optimization, and security audit points. Lead the team to implement secure and reliable complex features like DeFi and Staking.Explore and integrate cutting-edge technologies such as Account Abstraction, and cross-chain bridges to enhance product competitiveness; 4. Security & Performance Assurance: Establish the highest standards for secure coding practices and security audit processes. Bear ultimate technical responsibility for the security of core modules like private key/mnemonic management and transaction signing. Continuously optimize APP performance and user experience; 5. Team Building & Management: Recruit, mentor, and manage a high-performing technical team, including front-end, back-end, mobile, and blockchain engineers. Foster a positive and collaborative technical culture; 6. Cross-functional Collaboration: Work closely with Product, Operations, and Design teams to translate business requirements into technical solutions. Provide technical input for company-level strategic decisions. 1. 技术战略与架构设计: 负责Web3钱包APP的整体技术架构设计、技术选型与演进规划,制定长期的技术发展路线图; 2. 从0到1的产品研发: 主导钱包APP的整个开发生命周期,包括需求分析、系统设计、开发、测试、上线及持续优化,确保项目高质量交付; 3. 区块链技术集成与创新:精通与多条公链的交互原理,负责集成和管理各类区块链节点,优化链上交易速度与成功率。深度理解与DeFi协议交互的技术细节,包括智能合约的调用、签名、Gas优化、以及安全审计要点,带领团队实现安全可靠的DeFi、Staking等复杂功能。探索和集成前沿技术,如账户抽象、跨链桥等,提升产品竞争力; 4. 安全与性能保障: 建立最高标准的安全编码规范和安全审计流程。对私钥/助记词管理、交易签名等核心模块的安全性负最终技术责任。持续优化APP性能与用户体验; 5. 团队建设与管理: 组建、培养和管理一支高效的技术团队,包括前端、后端、移动端和区块链工程师,营造积极向上的技术氛围; 6. 跨部门协作: 与产品、运营、设计等部门紧密合作,将业务需求转化为技术方案,并为公司战略决策提供技术输入。
Join NVIDIA’s Security Team as Manager of our China Security Operations Center (SOC), safeguarding the discoveries that power AI, accelerated computing, autonomous machines, and gaming worldwide. Based in mainland China, you will lead analysts who detect, investigate, and contain threats. Your blend of technical depth and empathetic leadership will keep local operations fully aligned with PIPL and other relevant Chinese cybersecurity regulations while sharing intelligence with NVIDIA’s global defenses wherever lawful. Harnessing short Scrum cycles, you’ll drive rapid improvements—from tuning detections to automating playbooks—so every sprint delivers measurable risk reduction. If decisive action, analytical grit, and cross‑functional collaboration excite you, we invite you to craft the future of security at NVIDIA. Resilience emerges where clarity, speed, and trust converge! Ready to convert expertise into agile defenses that keep NVIDIA’s innovations safe?You lead with confident vitality, turning sophisticated threats into clear, time‑boxed objectives and empowering your team to act. Anchored in Agile values, you favor individuals and interactions, working solutions, and fast feedback—ensuring each sprint delivers customer value without sacrificing real‑time response. Data grounds your decisions, passion energizes partners, and steady support nurtures growth even as you set the standard. What you’ll be doing: • Guide, mentor, and develop SOC analysts in China, encouraging a high‑performance, inclusive culture. • Architect and continuously improve monitoring, detection, and response across on‑prem, hybrid, and multi‑cloud environments and protect GPU‑accelerated AI/ML pipelines. • Run the team in Scrum: facilitate planning, stand‑ups, reviews, and retrospectives; maintain a transparent backlog ordered by risk reduction and customer value. • Embed PIPL and other relevant Chinese cybersecurity regulations into day‑to‑day SOC processes, partnering with Legal and Compliance teams while supporting global collaboration where permissible. • Define, track, and act on metrics (MTTD, MTTR, sprint velocity) and operate staffing/on‑call schedules that balance 24 × 7 coverage with follow‑the‑sun hand‑offs. • Evaluate and integrate China‑compliant security tooling and automation, sharing threat intelligence and capabilities with the wider NVIDIA SOC as regulations allow.
Technical Leadership: • Oversee the technical pre-sales lifecycle for complex deals, acting as the primary solution architect for client engagements. • Guide clients through cloud adoption strategies, designing innovative solutions that prioritize their operational and technical requirements. • Coordinate cross-functional teams (engineering, sales, support) to ensure seamless implementation and customer momentum. Strategic Collaboration & Advocacy: • Cultivate relationships with key stakeholders to align cloud roadmaps with business goals and long-term growth initiatives. • Develop reusable best practices, frameworks, and assets based on customer feedback to accelerate enterprise-wide cloud adoption. Customer Success & Team Development: • Lead customer onboarding, launches, and events, partnering with support teams to ensure smooth transitions post-sale. • Mentor junior engineers through technical training and knowledge-sharing to strengthen team capabilities.