Expert Application Security Consultant - Director Level
国家/地区 : 中国
省份 : 上海
城市 : Shanghai
类别 : 审计-咨询-法律
合同类别 : 正式员工
工作性质 : 全职
As an Expert Application Security Consultant- Corporate Information Security, you will join a diverse team of technical experts in building a world-class security technical advisory and thought-leadership organization providing exceptional and practical, technical and logistical direction to its internal customers; enabling Nike to move and innovate rapidly while minimizing risks to the Brand. Our focus is in the areas of Secure Development Lifecycle Management, Application Security (WWW and Mobile), Cloud Security, Risk and Compliance, and Business to Business Security within Nike's Business Units. We work under a center-led business-partner model, and as such, strong communication, leadership and problem-solving skills are a must.
Contribute to CIS and the Application Security Consulting organization whose mission is:
* Provide critical input and guidance to ensure that Nike's Business is aligned appropriately with Corporate Information Security when considering key priorities such as business requirements, industry threat landscape, and risk appetite of Nike, Inc.
* Work closely with Nike Business and Technical teams end-to-end in releasing secure and compliant infrastructure, applications and experiences at the speed of business.
* Partner with business and technology to provide expert security guidance into design and implementation of Nike's Business capabilities.
* Consult with both technology and business teams to identify priorities and security capability requirements, and incorporate these requirements into the security strategy.
* Strong Application Security knowledge and confidence in communicating with both highly technical audiences and non-highly technical audiences.
* Experience with SAP, Supply Chain, Retail business, and Manufacturing processes is highly beneficial.
* Extremely strong written and verbal communication skills and an ability to communicate across all areas and levels of the business and to comprehend complex business initiatives.
* Proven ability to pull a diverse group of individuals with different goals together and facilitate productive discussions driving towards results.
* Excellent analytical and problem solving skills; proven experience in identifying solutions for complex problems.
* Motivated self-starter who is has a track record of taking ownership of information security challenges and driving them to resolution.
* Proven ability to work within highly matrixed organization to influence and drive results.
* Proven ability to communicate and influence security service catalogs, technologies, capabilities, and strategic roadmap and priorities.
* Expertise in several security domains such as Application Security, Cloud Security, Network Security, Mobile Security, End-Point Security, Identity Services, Risk Management, & Data Protection capabilities.
* Expert in Cloud technologies (IaaS, SaaS, and PaaS) and implementations, including delivery models.
* Bachelor's degree in Computer Science or Business Information Management or equivalent work experience.
* Minimum 10 years' experience in information security or information technology disciplines.
* CISSP, CISM, CISA, CRISC, SANS or related certifications strongly preferred but equivalent knowledge will be considered.