【岗位职责】

1. 协助制定公司信息安全政策并依据政策进行落地实施

Cooperate with security policy and procedure development and implementation accordingly

2. 对新上线系统及设备进行定期检查，以确保该设备和应用满足安全要求

Regular security review for new released systems in order to make sure the security configurations are compliant with company security standards and requirements

3. 定期检查公司各个设备及系统的安全漏洞，出具安全分析报告并给出安全漏洞修补建议，并督促各管理员进行漏洞修补

Periodically security vulnerability check for all IT systems and devices and propose remediation plans and suggestions according to the security analysis or check reports. Cooperate with related administrators to remedy security vulnerabilities within any planned deadline.

4. 负责维护和管理主要的安全系统，例如：防火墙，网络防入侵系统，安全监控日志系统， 补丁合规管理等；定期提供安全分析报告。同时，定期更新安全系统的漏洞，以维护和加强系统的安全策略，以保证安全性。

Maintains and administers perimeter security systems such as firewalls and intrusion detection systems. Monitors security system logs (i.e. intrusion detection system, firewall system logs, Patch Management etc.) and reports on incident handling and resolution. Investigate opportunities to update security system capabilities to sustain and enhance network and system security integrity.

5. 相应地领导信息安全项目执行（包括DRP和BCP）

Lead accordingly Information  Security Projects implementation (including DRP