• Ensures adherence to BeiGene Information Technology policies, standards and procedures
• Executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company data or systems
• Correlates actionable security events, performs network traffic analysis using raw packet data, net flow, IDS/IPS, etc.
• Describes, tests and validates security measures active on security infrastructure devices for the protection of computer systems, networks and information systems
• Performs regularly scheduled vulnerability scans and prepares associated reports
• Assists with security risk assessments and vulnerability evaluations
• Coordinates and performs periodic penetration testing to determine vulnerabilities and appropriate controls to prevent, detect or respond to future events
• Determines security violations and inefficiencies through security tests, evaluations and internal audits.
• Helps to conduct compliance assessments to ensure security of information systems; develops and maintains documentation
• Performs incident response, investigation, analysis, resolution and reporting activities
• Assists to identify intrusion or incident method, preserves evidence and drafts investigation reports
• Participates in root cause analysis of critical security events to improve processes
• Coordinates and delivers security awareness training
• Monitors sources (e.g. NVD, IAVA, IAVB, OTX) for new vulnerabilities

• 5 years of experience in information security operations and information security principles/practices including concepts, methods and procedures
• Strong hands-on experience with implementing and monitoring security methods and control techniques such as firewalls, ***, IDS/IPS, VPN, DLP, SIEM, file integrity monitoring, vulnerability scanning, penetration testing, data encryption, backup and disaster recovery, or other security-related technologies
• Strong experience in monitoring, researching, resolving and security incidents
• Strong experience in root cause analysis of security events/breaches and performing incident response, investigation, analysis, forensics, resolution and reporting
• Experience in designing, reviewing, and auditing secure network, systems, and application architectures
• Working experience with utilizing SIEM systems such as AlienVault, Splunk or similar
• Experience with executing security controls, defenses and countermeasures to intercept and prevent attempts or attacks
• Experience in conducting risks assessments and vulnerability evaluations

• Knowledge of and working experience with NIST, ISO, SOX, GMP, and/or other recognized industry security frameworks and compliance standards and best practices
• Experience with E-mail security and archiving solutions such as Mimecast, Proofpoint or similar
• Experience with security in DNS, DHCP, TCP/IP, Active Directory, and network topologies
• Experience with AWS Azure/O365 and cloud PaaS security
• Relevant industry certification(s), such as: Cisco CCNA/CCNP Security, CEH, CISSP, ISSAP/ISSEP

联系方式