岗位职责:
1. Security assessment and project support of information security service projects; (20%)
负责信息安全服务项目的安全评估工作和项目支持工作; (20%)
2. Implementation of industrial information security projects, and assist customers in grading and filing, gap analysis, scheme design, security rectification, management system and other related work; (30%)
负责工业信息安全项目实施,协助客户完成定级备案、差距分析、方案设计、安全整改、管理制度等相关工作;(30%)
3. Overall evaluation and planning of customer information security system, design and implementation path; (20%)
对客户信息安全体系的整体评测与规划,设计推进路径; (20%)
4. Provide consulting services such as industrial control safety planning, safety management system, emergency management, and level protection; (5%)
负责工控安全规划、安全管理体系、应急管理、等级保护等咨询服务; (5%)
5. Provide security services such as penetration test, vulnerability scanning and code audit; (5%)
渗透测试、漏洞扫描和代码审计等安全服务; (5%)
6. Track and study the development trends, policies, regulations, and new technological requirements of industrial information security, evaluate and optimize relevant security services; Capability requirements; (10%)
跟踪研究工业信息安全发展趋势、政策法规和新技术要求,评估优化相关安全服务; (10%)
7. Complete other tasks assigned by the department manager. (10%)
完成部门经理布置的其他任务。 (10%)
任职条件:
1.Bachelor's degree or above in automation/industrial control, computer related major;
自控/工控,计算机类相关专业,本科生及以上学历;
2. Familiar with the technical principles and related technological trends of information security, have a deep understanding of information security implementation methods and means, and be familiar with the technical parameters and communication interfaces of information security equipment;
熟悉信息安全的技术原理及相关技术趋势,对信息安全实现方法、实施手段有深入理解,熟悉信息安全设备的技术参数、通信接口;
3. Familiar with relevant domestic and international standards and specifications for industrial information security, such as IEC62443, NIST SP800-82, ISA Secure, industrial control and other related standards;
熟悉工业信息安全国内、外相关标准和规范,如:IEC62443、NIST SP800-82、ISA Secure、工控等保等标准范;
4. Good communication and expression skills and a team spirit.
具有良好的沟通表达能力和团队合作精神。