Job Mission:

We commit to secure Decathlon digital assets under the compliance request of Chinese government and Decathlon Security Regulations (DSR).

Implement and update in-house security guidelines and regulations upon to Chinese Cyber Security Law and Data Classification Regulation.

Evaluate Security level on infrastructure, software development, data processing subjects and conduct audit & correction actions.

Educate employees and assure the certain level of security awareness on site and on customer data processing.

Your responsibilities:

• Application Security : Ensure applications go-live is under controlling in terms of 0 risk on cyber-attack and data leaking

• Application evaluation: Implement Decathlon Security Assessment Matrix (DSAM)and launch actions

• Data Classification: Implement Decathlon Data Classifications Norms (DDCN) to all application and software responsible roles

• API security : Ensure data is secured during the internal/external application’s interaction

• Infrastructure Security: Ensure network, cloud, data center and client devices ‘security and provide Web application protection tool box

• Write and update Decathlon Employee Security Handbook and IT Charter to assure China employee’s awareness and best practice with Legal department and external legal consulting services

Required Skills:

• 
  Sport lover

• Understand country-level security laws and regulations, e.g: China Cyber Security Law, EUROPE GDPR

• Master applications’ evaluation matrix and web security testing methods and standard, be able to define strong actions to correct potential security breaches, e.g: pentest, data encryption, DRP, Data Classification

• CISSP is a must, familiar with ISOISO/IEC27001

• Understand Cloud service components on Azure & AWS

• Strong communication both in verbal and written

• Fluent English speaking is a must, French is a plus

• Results oriented

• Strong cross-team functional management skills

上班地址：上海