JOB DETAILS

JOB DETAIL

The Information Security Specialist is responsible for the on-site implementation and daily operation of the information protection system for designated company facilities, ensuring continuous compliance with corporate information security requirements in physical security, cybersecurity, and personnel compliance. This position reports functionally to the Information Security Leader and operationally to the Site Operation Manager.

1. Security Control Implementation
• Implement and maintain information protection controls at designated sites in accordance with corporate information security management manuals and procedural documents
• Ensure effective operation of technical controls including physical security (access control, surveillance, guarding), network security (segregation, firewall, access control), and endpoint security (encryption, EDR)
• Conduct regular inspections of security equipment and coordinate necessary maintenance, upgrades, or repairs

2. Personnel Compliance
• Maintain site authorized personnel register, track security training completion, NDA execution, and acknowledgment signing
• Assist Site Operation Manager in personnel compliance management, ensuring authorized personnel do not engage in prohibited work
• Conduct security awareness training for new site personnel and provide day-to-day security guidance

3. Compliance Monitoring and Reporting
• Monitor site-level compliance with information protection requirements, regularly review logs, access records, training records, etc.
• Promptly report anomalies or potential violations to the Information Security Team and Site Operation Manager
• Assist in preparing routine security reports, audit documentation, and other reports required by the company

4. Incident Response Support
• Assist in local security incident detection, initial response, and investigation
• Upon confirmed security incident, cooperate with Information Security Team to complete written reports within required timelines
• Participate in implementation of post-incident remediation measures

5. Audit and Improvement
• Participate in security audits and assessments conducted at the site, cooperate with internal and external audits
• Track audit findings, assist in developing and implementing remediation plans
• Provide feedback to Information Security Team on local implementation challenges and improvement opportunities

6. Cross-functional Collaboration
• Coordinate with Site Operation Manager to ensure effective integration of physical and information security measures
• Collaborate with Human Resources to ensure onboarding, training, and offboarding processes meet security requirements
• Work with IT team to ensure effective implementation of network security and endpoint security configurations

REQUIRED WORK EXPERIENCE

- Bachelor's degree or above in Computer Science, Information Technology, Information Security, or related fields
- 5+ years of experience in information security, IT operations, or related fields
- Experience in manufacturing, high-tech industry, or international projects
- Experience with physical security systems (access control, surveillance)
- Willingness to travel internationally as required

Technical skills
- Familiar with network security technologies: firewall, VPN, IDS/IPS, EDR, MFA, etc.
- Familiar with endpoint security: full disk encryption, patch management, anti-malware, etc.
- Familiar with physical security systems: access control, CCTV surveillance, security operations
- Familiar with information security standards and frameworks: ISO 27001, NIST, GDPR, etc.
- Have experience/certification in CISSP, CISM, CISA, ISO 27001 LA, CompTIA Security+, or equivalent certifications

Language skills
- Proficient in English listening, speaking, reading and writing. Chinese language will be highly advantage.