Application Security Consultant
国家/地区 : 中国
省份 : 上海
城市 : Shanghai
类别 : 审计-咨询-法律
合同类别 : 正式员工
工作性质 : 全职
We're looking for an Application Security Consultant for Greater China Converse and Nike, with primary focus on Converse. This role will be involved with building a world-class security technical advisory and thought-leadership organization providing exceptional and practical, technical and logistical direction to its internal customers; enabling business to move and innovate rapidly while minimizing risks to the Brand. The focus areas for this role are Security Architecture, Secure Development Lifecycle Management, Application Security (WWW and Mobile), Cloud Security, Risk and Compliance, and Business to Business Security within Business's Digital Business Units
The candidate needs to have strong Application Security knowledge, extremely strong written and verbal communication skills and an ability to communicate across all areas and levels of the business and to comprehend complex business initiatives, excellent analytical and problem solving skills, and be a motivated self-starter who is has a track record of taking ownership of information security challenges and driving them to resolution.
The candidate also needs to have knowledge of industry best practice frameworks, such as ISO, NIST and CoBIT. You will regularly meet with business and technology teams across Converse and Nike to consult with them on their security and compliance requirements. You will work cross-functionally within the Corporate Information Security (CIS) teams and across Converse and Nike.
SECTION 2: WHAT WILL YOU WORK ON
If this is you, you'll be working with the Application Security Consulting, Converse and Nike Tech and other key stakeholders (such as Legal/Privacy) to perform these key tasks:
* is aligned appropriately with Nike Corporate Information Security when considering key priorities such as business requirements, industry threat landscape, and risk appetite of Converse and Nike, Inc.
* Work closely with Converse and Nike development teams from end-to-end in releasing secure and compliant infrastructure, applications and experiences at the speed of business.
* Partner with business and technology to provide expert security guidance into design and implementation of Converse and Nike capabilities.
* Consult with both technology and business teams to identify priorities and security capability requirements, and incorporate these requirements into the security strategy.
* Provide input to overall risk strategy for supported Converse and Nike Engineering teams.
* Define and implement risk mitigation roadmaps and for supported application teams.
* Define business and technology requirements to teams responsible for enterprise security solution development.
SECTION 3: WHO WILL YOU WORK WITH
This role will report to the regional Corporate Information Security (CIS) leadership and dotted line reporting to global CIS Converse leadership. The candidate shall also closely work with the regional business, technology, various governance and Legal and Privacy functions.
* Bachelor's degree in Computer Science or Business Information Management.
* Minimum 5 years experience in information security or information technology disciplines.
* Prior experience in developing applications is desired.
* Proven ability to pull a diverse group of individuals with different goals together and facilitate productive discussions driving towards results.
* Proven experience in identifying solutions for complex problems in enterprise environments.
* CISSP, CHH, OSCP, OSCE, GPEN, CPT certifications highly beneficial.