蚂蚁金服Ant International-Security GRC Engineer-Malaysia
任职要求
- BS/MS in Computer Science / Cybersecurity with at least 5 years or above experience in cyber security or information technology risk management in the financial industry - Experience maintaining information security standards and regulations such as PCI DSS, ISO27001, GDPR, PSD2, SWIFT CSP, and MAS TRM guidelines - Excellent relationship building and communication skills with the ability to engage people from diverse cultures and different levels Good stakeholder management skills, working across the global business and China teams to leverage knowledge and resources from this network to get things done - Good knowledge of cloud computing, networking, OS and its security aspects - Preferably with either CISSP, CISA, CRISC certification - Excellent command of both spoken and written English and Mandarin Chinese to communicate with our Mandarin speaking stakeholders
工作职责
We are looking for passionate technology cybersecurity professionals with Governance, Risk and Compliance (GRC) management experience to be part of Ant Global Information Security team. Qualified candidates are expected to: - Define, manage and update Ant International information security policies, standards, and processes in coordination with different business functions to protect infrastructure, business-critical data and customer information - Ensure policies are consistently applied across Ant International and monitor adherence to the defined governance principles to ensure expected value is delivered. - Work closely with Compliance, Data Privacy and Legal team on new project security reviews, including cybersecurity risk evaluation, assessment, treatment, monitoring to assure high risks are mitigated to acceptable level, and help stakeholders make well-informed decisions. - Liaise with Compliance and various Technology teams on regulator inspection, external audit, customer queries, security certificate programs, and internal audit projects to assure compliance with financial regulations and customer requirements.
L1 SOC monitoring (24x7 shift basis) ● L1 SOC monitoring of security alerts 24x7 utilising SIEM, EDR tools, and intrusion detection systems (IDS/IPS) ● Analyse logs, network traffic, end point data or other source logs to identify suspicious activity or indicators of compromise (IoCs). ● Triage and prioritize alerts based on severity, impact, and organizational risk, and perform required escalations and mitigations Incident response ● Perform containment and mitigation actions for incidents. Escalate confirmed or high-risk incidents to L2/L3 analysts or incident response teams. ● Collate required information to complete incident documentation and report if necessary. Governance ● To support the Security GRC team during regulatory inspection, external audit, customer queries, security certificate programs, and internal audit projects to ensure compliance with regulations and customer requirements. ● Perform due diligence to assess the information security posture of our third parties ● Support in any on-site assessments of our third party / outsourced parties Vulnerability & threat intelligence: ● Stay updated on emerging threats through threat intelligence
1、根据高性能智驾SOC的产品需求,负责系统Security技术方案落地和长期竞争力构建 2、负责智驾SOC的Security场景需求分析、Security系统架构和方案设计,主导完成安全子系统开发交付 3、负责制定和开发SOC安全启动方案,深度参与软件安全架构、Security firmware的方案制定和检视 4、深度参与Security lifecycle的制定及Security相关技术认证
• You will be the primary product and technical advocate, evangelizing across products within the Product Manager-owned portfolio and across the business as well as leverage product and/or technical subject matter expertise as well as industry, market and competitive knowledge to develop competitive strategy, position the value proposition and tailor messaging to both internal and external audiences. • You will develop and execute business strategy and tracks the efficacy of plans across the business to drive sustainable growth within and beyond the boundaries of the fiscal year as well as accept accountability for revenue, scorecard metrics, and key performance indicators (KPIs) for the business and identify strategic priorities and drives alignment across the business to enable the team/stakeholders to deliver against priorities. • You will lead definition and orchestration of strategic go-to-market (GTM) plans across the business and develop plans inclusive of marketing, field, consulting, customer success, and partner functions that support a One Microsoft approach to overall business strategy and execution as well as partner with one commercial partner (OCP) to guide the development and execution of programs to recruit and enable partners to achieve target capacity and quality. • You will ensure Business Group (BG) Leads and field communities have the leadership and enablement needed to run the business locally and serve as the primary orchestrator between the corporate and the field and ensure field and corporate leadership are aligned on business results and actions to take. • You will drive area/subsidiary leadership through revealing and pursuing long-range, white-space growth opportunities and investment plans, including geographical expansion as well cross-references opportunities within the market with the area/subsidiary's capabilities in order to develop strategies that maximize performance across the business. • You will drive a pipeline of feedback from sales to the supply chain and leverage regional competitive knowledge to develop business cases and land services with customers as well as provide authorization for investments and drives follow-through to ensure customers have hardware availability. • You will exemplify Microsoft Values, Culture, Leadership Principles and create clarity by creating a shared understanding and building a clear course of action.
Join NVIDIA’s Security Team as Manager of our China Security Operations Center (SOC), safeguarding the discoveries that power AI, accelerated computing, autonomous machines, and gaming worldwide. Based in mainland China, you will lead analysts who detect, investigate, and contain threats. Your blend of technical depth and empathetic leadership will keep local operations fully aligned with PIPL and other relevant Chinese cybersecurity regulations while sharing intelligence with NVIDIA’s global defenses wherever lawful. Harnessing short Scrum cycles, you’ll drive rapid improvements—from tuning detections to automating playbooks—so every sprint delivers measurable risk reduction. If decisive action, analytical grit, and cross‑functional collaboration excite you, we invite you to craft the future of security at NVIDIA. Resilience emerges where clarity, speed, and trust converge! Ready to convert expertise into agile defenses that keep NVIDIA’s innovations safe?You lead with confident vitality, turning sophisticated threats into clear, time‑boxed objectives and empowering your team to act. Anchored in Agile values, you favor individuals and interactions, working solutions, and fast feedback—ensuring each sprint delivers customer value without sacrificing real‑time response. Data grounds your decisions, passion energizes partners, and steady support nurtures growth even as you set the standard. What you’ll be doing: • Guide, mentor, and develop SOC analysts in China, encouraging a high‑performance, inclusive culture. • Architect and continuously improve monitoring, detection, and response across on‑prem, hybrid, and multi‑cloud environments and protect GPU‑accelerated AI/ML pipelines. • Run the team in Scrum: facilitate planning, stand‑ups, reviews, and retrospectives; maintain a transparent backlog ordered by risk reduction and customer value. • Embed PIPL and other relevant Chinese cybersecurity regulations into day‑to‑day SOC processes, partnering with Legal and Compliance teams while supporting global collaboration where permissible. • Define, track, and act on metrics (MTTD, MTTR, sprint velocity) and operate staffing/on‑call schedules that balance 24 × 7 coverage with follow‑the‑sun hand‑offs. • Evaluate and integrate China‑compliant security tooling and automation, sharing threat intelligence and capabilities with the wider NVIDIA SOC as regulations allow.