蚂蚁金服Ant International-Head of Sovereign Cloud & Infrastructure-Ant International
任职要求
• 10+ years in cloud infrastructure, platform engineering, or distributed systems • Strong experience in multi-cloud environments (Alibaba Cloud, AWS, Azure, GCP, OCI etc.) • Proven track record in regulated industries (financial services preferred) • Deep understanding of: o Cloud architecture and distributed systems o Data sovereignty and localization requirements o Resilience, DR design, and high-availability systems • Experience in regulatory compliance and audit requirements for cloud infrastructure • AI Native design ability. Preferred Qualifications • Experience supporting EU/UK regulatory environments (DORA, GDPR, outsourcing/cloud guidelines) • Familiarity with cloud compliance frameworks and regulator expectations (EBA, FCA, ECB) • Experience in large…
工作职责
The Chief System Assurance Officer (CSAO) organization is responsible for establishing a Global Sovereign System Assurance Framework, ensuring that Ant International’s cross-border payment systems are intrinsically Visible, Controllable, Verifiable, Auditable, and Sustainable. The Head of Sovereign Cloud & Infrastructure will lead Ant International’s global sovereign cloud strategy, architecture, and control framework, ensuring that all public cloud deployments (including Alibaba Cloud and other providers) meet: • Data sovereignty and localization requirements • Regulatory compliance and auditability standards • Operational resilience and disaster recovery expectations • Cloud substitutability and exit readiness This role is the control owner for sovereign cloud architecture, ensuring that Ant International’s infrastructure is regulator-acceptable, resilient by design, and not dependent on any single provider. 1. Sovereign Cloud Architecture & Strategy • Design and enforce EU/UK sovereign cloud architecture aligned with regulatory expectations (e.g., DORA, GDPR) • Define and implement multi-cloud / hybrid-cloud strategy to ensure resilience and independence • Establish clear control boundaries between regions, systems, and cloud providers 2. Data Sovereignty & Localization • Implement data localization, residency, and jurisdictional control mechanisms • Ensure strict segregation of regulated data across EU/UK and other regions • Enable full visibility and control over cross-border data flows 3. Cloud Control & Compliance Enforcement • Act as control owner for cloud infrastructure compliance across Alibaba Cloud and other public cloud providers • Ensure cloud environments are audit-ready, traceable, and regulator-compliant • Embed compliance-by-design principles into infrastructure and platform engineering 4. Resilience, DR & Operational Continuity • Define and enforce global resilience architecture (Active-Active / multi-region design) • Ensure compliance with RTO / RPO requirements for critical financial systems • Lead disaster recovery planning, testing, and validation 5. Cloud Substitutability & Exit Strategy • Design and implement cloud exit strategies and portability mechanisms • Ensure workload portability across cloud providers (vendor independence) • Demonstrate regulator-acceptable substitutability capabilities 6. Global Coordination & Engineering Integration • Partner with Engineering, Security, Data, Risk, and Compliance teams • Align with Regional Assurance Hubs (EU / UK / US / APAC) for localized implementation • Integrate sovereign controls into DevSecOps and platform engineering practices Key Deliverables • EU/UK regulator-acceptable sovereign cloud architecture • Fully implemented data localization and control framework • Proven cloud exit and portability capability (tested and auditable) • Resilience architecture meeting Tier 0 financial infrastructure standards
The Chief System Assurance Officer (CSAO) organization is responsible for establishing a Global Sovereign System Assurance Framework, ensuring that Ant International’s cross-border payment systems are intrinsically Visible, Controllable, Verifiable, Auditable, and Sustainable. The Head of Assurance Program will lead the end-to-end design and delivery of Ant International CSAO organization Assurance Program, ensuring all remediation initiatives are executed on time and meet regulatory expectations. This role serves as the single-threaded owner of execution, orchestrating cross-functional teams across Technology, Legal, Risk, Compliance, and Cloud to deliver a fully integrated, regulator-ready system assurance framework. One-line mandate: Own and deliver the assurance program end-to-end, ensuring on-time execution, regulatory readiness, and full VCVAS system realization. Key Responsibilities 1. Assurance Program Governance & Execution Leadership • Establish and own program governance, operating model, and execution cadence • Define and manage end-to-end roadmap, milestones, and delivery plans • Ensure alignment with EU/UK regulatory timelines and expectations 2. Cross-Functional Orchestration • Coordinate across Technology, Legal, Risk, Compliance, Cloud, and regional teams • Align all 12 workstreams into a unified execution framework • Drive clear ownership, accountability, and delivery discipline 3. Risk, Dependency & Escalation Management • Identify and manage program risks, interdependencies, and bottlenecks • Lead issue resolution and escalation to CSAO, CEO, and Board • Ensure proactive mitigation of regulatory, technical, and operational risks 4. Delivery Assurance & Performance Tracking • Establish program KPIs, dashboards, and real-time tracking mechanisms • Ensure on-time delivery across all milestones and workstreams • Drive execution excellence and continuous improvement 5. Regulatory Readiness & Outcome Assurance • Ensure all deliverables meet regulator expectations (ECB / EBA / UK regulators) • Align execution outputs with audit, certification, and inspection requirements • Deliver a fully integrated VCVAS system across EU/UK 6. Executive Reporting & Communication • Provide Board-level and executive reporting on program progress, risks, and outcomes • Develop clear, regulator-ready communication materials • Translate complex execution status into strategic insights and decisions Key Deliverables • All remediation milestones delivered on time • Fully implemented VCVAS (Visible · Controllable · Verifiable · Auditable · Sustainable) system • Demonstrated regulatory readiness and successful inspection outcomes • Integrated, scalable assurance program model for global rollout
The Chief System Assurance Officer (CSAO) organization is responsible for establishing a Global Sovereign System Assurance Framework, ensuring that Ant International’s cross-border payment systems are intrinsically Visible, Controllable, Verifiable, Auditable, and Sustainable. The Head of Cryptographic Assurance & Verifiability will lead Ant International’s cryptographic trust architecture and verifiable compliance framework, ensuring that system integrity, data protection, and compliance are: • Cryptographically provable (not trust-based) • Tamper-resistant and independently verifiable • Aligned with global regulatory expectations • Embedded into system design and operations One-line mandate: Build cryptographic assurance systems that make Ant International provably compliant, tamper-proof, and regulator-verifiable by design. Key Responsibilities 1. Cryptographic Architecture & Key Sovereignty • Design and implement global cryptographic architecture for payment systems • Own Key Management Systems (KMS), including lifecycle, rotation, and access control • Ensure key sovereignty and jurisdictional control aligned with regulatory requirements • Enforce strong encryption standards (data at rest, in transit, in use) 2. Verifiable Systems & Tamper-Proof Logging • Design tamper-proof logging and immutable audit trails • Implement cryptographic integrity mechanisms (e.g., hashing, signing, chaining) • Enable independent verification of system behavior and transactions 3. Secure Computation & Advanced Trust Technologies • Evaluate and deploy Trusted Execution Environments (TEE) and secure enclaves • Implement privacy-preserving computation and secure data processing (if applicable) • Explore advanced techniques such as zero-knowledge proofs or verifiable computation 4. Cryptographic Compliance & Regulatory Alignment • Align cryptographic controls with global regulatory and certification standards • Provide regulator-verifiable proof of system integrity and compliance • Support audits, inspections, and independent validation of cryptographic controls 5. “Don’t Trust Us, Verify Us” Architecture • Lead the design of verifiable-by-default systems • Enable real-time verification capabilities for regulators and auditors • Integrate cryptographic assurance into Control Tower and compliance platforms 6. Global Coordination & Engineering Integration • Partner with Security, Cloud, Data, Engineering, and Compliance teams • Embed cryptographic controls into DevSecOps, platform engineering, and system design • Align with Regional Assurance Hubs for localized regulatory implementation Key Deliverables • Fully implemented cryptographic proof-based compliance system • Tamper-proof, regulator-verifiable audit infrastructure • Proven end-to-end integrity guarantees for critical financial systems • Integration of cryptographic assurance into global Control Tower and audit frameworks
1. Develop clear and practical standards and processes for issue responsibility, including rider service management and rider appeals. Continuously promote online and automated solutions to reduce order and customer losses caused by delivery issues, and improve the accuracy and efficiency of problem handling. 制定科学判责标准及流程规范,包含骑手服务管控、骑手申诉等能力建设,并持续推动线上化、自动化的解决方案落地。一方面,降低因为交付异常导致的订单损失、客户损失的发生概率;一方面,提高异常问题处理的准确度和效率 2. Take responsibility for fulfillment-related service quality indicators, solve or reduce the top incoming issues. Responsible for fulfillment-related service quality metrics, solving or reducing the top incoming issues. Optimize fulfillment service processes, such as designing the return process for undeliverable orders by riders, and moving the handling of delivery disputes among users, merchants, and riders online and towards automation.对履约相关的万服指标负责,解决或降低进线top问题。优化履约服务流程,如骑手无法送达返还流程设计、用户/商家/骑手交付矛盾处理线上化、自动化等 3. Create execution standards, process mechanisms, and product operation tools for experience management. Make sure frontline teams can easily understand and follow them, and reduce CPO (cost per order) by improving service experience.输出体验管控相关的执行标准、流程机制、产品运营工具。确保需前线落地的内容可理解、可执行,通过提升体验的方式来降低CPO 4. Based on cultural differences and common features of service delivery in different countries, set up service standards and rules for riders, merchants, and users. Design suitable solutions and build connections with B-end, C-end, and customer service teams to improve the overall service experience.基于各国文化差异性和服务交付流程的共性,建立骑手/商家/用户服务标准及约束,设计适配方案,与B端C端、客服等部门建立联动机制,改善服务体验 5. Work with internal and external resources to support rider equipment asset management, usage checks, and new equipment development in different countries and regions. Ensure riders can work smoothly and help build a positive brand image for keeta.联动内外部资源,负责支持不同国家和地区的骑手装备资产管理、使用检核、新装备开发。一方面确保骑手正常工作,一方面对keeta的品牌价值产生正向作用
Head of D-End Operations: 1. Responsible for D-end operations management, particularly in fulfillment and delivery management under crowd-sourcing and franchise models, providing professional guidance and support. 2. Develop and execute fulfillment and delivery strategies to ensure service quality and efficiency. 3. Lead new business development from 0 to 1, driving the growth of D-end business. 4. Coordinate cross-departmental resources to optimize fulfillment processes and enhance operational efficiency. 5. Manage and develop the team, promoting effective collaboration and achievement of performance goals. D端负责人: 1.负责D端运营管理,特别是众包、加盟模式下的履约配送管理,提供专业指导与支持; 2.制定并执行履约配送战略,确保服务质量和效率; 3.负责从0到1的新业务开拓,推动D端业务发展; 4.协调跨部门资源,优化履约流程,提升运营效能; 5.管理并培养团队,推动团队高效协作与绩效达成。 Key Strategist for D-End Operations: 1. Responsible for formulating fulfillment and delivery strategies for the D-end, managing riders and delivery teams to ensure smooth operations. 2. Provide data analysis support to optimize delivery processes and efficiency. 3. Participate in the development and implementation of new businesses to enhance business competitiveness. 4. Support team efforts and collaborate to promote cross-departmental cooperation. D端策略运营骨干: 1.负责D端履约配送策略制定,管理骑手及配送团队,确保运营顺畅; 2.提供数据分析支持,优化配送流程与效率; 3.参与新业务的开拓和落地,提升业务竞争力; 4.支持团队工作,协作推动跨部门合作。