Job description

Requirements

  • Entry level
  • No Education
  • Salary to negotiate
  • Beijing

Description

Objectives of the Position
•The Information Security Architect contributes to the development of the system design and application architecture and ensures, that the security requirements, ICFR specifications will be fulfilled by the project and thus information security risks are mitigated.
In this role, he/she develops the Security Profile of the (application) system, by identifying potential weak points, assessing threats, developing adequate security measures and verifying their effectiveness. Thereby he/she ensures that incommensurate information security risks are addressed and technological, architectural or design-related decisions will not lead to any violation of corporate guidelines. He/she documents and communicates the results.
Task description
•Perform Threat Analysis  & Create/Update the Security Profile
-The ISA performs threat analyses for complex technical designs and reports the results using standard templates.
-The ISA creates the initial Security Profile (with new applications/systems) or updates an existing Security Profile (with upgraded applications/systems).
-The ISA creates CISM-tickets for critical and high findings and updates the tickets along with respective changes in the Security Profile.
•Derive Security Requirements
-Given application or system descriptions the ISA derives security requirements that will match the respective level of abstraction.  
•Review Design and Report Issues
-The ISA reviews the design documents with respect to fulfillment of security requirements, (common) design errors, already known design shortcomings (are they fixed or not)
-The ISA submits a written report that lists all shortcomings together with suggestions on how to fix them.
•Review Implementation and Report Issues
-The ISA reviews the implementation with respect to fulfillment of security / design requirements, (common) implementation errors, already known implementation shortcomings (e.g. from CodeScan or EPA, are they fixed or not?),
-The ISA submits a written report that lists all shortcomings together with suggestions on how to fix them.
•Review Project Security Planning and Report Issue
-The ISA reviews various project management documents with respect to, plausibility of effort estimates for planned security tasks, plausibility of cost estimates for planned security tasks, overall plausibility of timeline for security tasks, overall progress of security, completeness of planned security tasks security budget planning, ordering status of mandatory security services, mandatory security related tasks
-The ISA submits a written report that lists
-all shortcomings together with suggestions on how to fix them,
-all possible risks to achieving project goals that relate to information security.
•Various Expert Consulting
-The ISA will answer explicit questions on various security related subjects, e.g.  On Information Classification, DISF, security aspects of project management, technical information security, etc.
•Technical Security Tasks
-Given the necessary input, the ISA will perform complex tasks with a specific, well described result. The tasks shall require substantial security expertise. The input the ISA needs will typically be provided in written form. Except for gathering of missing information there will be no further interaction with the project. The results will be in written form whenever possible.
 

Objectives of the Position
•The Information Security Architect contributes to the development of the system design and application architecture and ensures, that the security requirements, ICFR specifications will be fulfilled by the project and thus information security risks are mitigated.
In this role, he/she develops the Security Profile of the (application) system, by identifying potential weak points, assessing threats, developing adequate security measures and verifying their effectiveness. Thereby he/she ensures that incommensurate information security risks are addressed and technological, architectural or design-related decisions will not lead to any violation of corporate guidelines. He/she documents and communicates the results.
Task description
•Perform Threat Analysis  & Create/Update the Security Profile
-The ISA performs threat analyses for complex technical designs and reports the results using standard templates.
-The ISA creates the initial Security Profile (with new applications/systems) or updates an existing Security Profile (with upgraded

About the company

Daimler AG is one of the world’s most successful automotive companies. With its divisions Mercedes-Benz Cars, Daimler Trucks, Mercedes-Benz Vans, Daimler Buses and Daimler Financial Services, the Daimler Group is one of the biggest producers of premium cars and the world’s biggest manufacturer of commercial vehicles with a global reach. Daimler Financial Services provides financing, leasing, fleet management, insurance, financial investments, credit cards, and innovative mobility services.

The company’s founders, Gottlieb Daimler and Carl Benz, made history with the invention of the automobile in the year 1886. As a pioneer of automotive engineering, Daimler continues to shape the future of mobility today: The Group’s focus is on innovative and green technologies as well as on safe and superior automobiles that appeal to and fascinate. Daimler consequently invests in the development of alternative drive trains with the long-term goal of emission-free driving: from hybrid vehicles to electric vehicles powered by battery or fuel cell. Furthermore, the company follows a consistent path towards accident-free driving and intelligent connectivity all the way to autonomous driving. This is just one example of how Daimler willingly accepts the challenge of meeting its responsibility towards society and the environment.

The brand portfolio of Daimler comprises Mercedes-Benz, Mercedes-AMG, Mercedes-Maybach, Mercedes me, smart, EQ, Freightliner, Western Star, BharatBenz, Fuso, Setra, Thomas Built Buses as well as Mercedes-Benz Bank, Mercedes-Benz Financial Services, Daimler Truck Financial, moovel, car2go and mytaxi.

Companies in this sector

Hives where you can find this job offer