Major Responsibilities and Duties:

1) Ensures all Zai Lab IT system apply the appropriate information security control manner.

2) Responsible for ensuring quality and compliance to information governance within projects and operations of IT function.

3) Works with other IT function to assess potential risks, advise on risk mitigation and to solve compliance issues

4) Analyze impact of new technologies and regulative changes on information security

5) Continuously monitor and analyze security risk of information assets and identify potential issues.

6) Able to establish communication to business on information security aspects with knowhow, tips, incident.

7) Provide in-depth technical analysis of computer networks, applications and systems, culminating in the identification of existing potential vulnerabilities.

8) Support the Threat and Vulnerability Assessment process to ensure proper prioritization of remediation.

9) Detect, disrupt, and eradicate threat actors from the enterprise environment

Qualifications:

1) Degree in Information Systems or comparable education/ experience

2) Fluent in English (Oral & written)

3) At least 8 years of experience in IT information Security & Risk Management role

4) Excellent soft skills such as observation, listening, presenting, negotiating, and documentation.

5) Strong Operation experience on Cloud / SaaS, Infrastructure Security, Application Security Architecture, Identification / Account Management, Mobility, MS Product / O365 environment.

6) Knowledge of security frameworks (e.g. COBIT, ISF), standards (ISO), information security principles, security architecture and regulatory requirements (GxP, SOX) will be a plus

7) Strong stakeholder engagement skills, and able to interact at all levels in & out organization.

8) Experience on internal Professional IT auditing

上班地址：上海浦东张江高科技园区金科路4560号金创大厦1号楼4楼