SecAudit, Vulnerability Manager(003916)
Digital Hub China in Nanjing attracts, grows, and develops passionate people who will meaningfully impact the digital future of BASF. Come join us and be a part of our digitalization journey.
Objectives:
数字化将成为巴斯夫DNA的真正组成部分,创造令人兴奋的全新客户体验和业务增长,并提高流程效率。全球数字服务正在支持巴斯夫业务的数字化转型。我们的使命是推动巴斯夫的数字化转型,通过强大的敏捷文化,提供创新的、全球性的、高质量的数字化产品和服务。南京数字中心是我们为巴斯夫提供区域和全球解决方案的全球重要基地之一。
在此职位上,您将专注于以下目标
扫描:
与流程经理协作,创建和优化用于扫描范围内环境中漏洞的流程和工具。包括应用程序、设备和 Web 应用扫描目标,以及用于将漏洞信息摄取到 Archer 进行处理的过程
管理服务和邮箱:
提供有关最佳实践流程设置的输入,以处理漏洞请求并协调有关IBP查询邮箱的活动
未来产品的运营:
推荐其他产品/资产加入漏洞管理流程,包括所需的其他更改和数据收集
咨询服务:
创建并运行向产品所有者分发漏洞公告的流程
攻击面管理:
设计与ASM工具(待加入)相关的所有流程并提供建议,包括与所有相关利益相关者的互动
Main Tasks:
您将负责为巴斯夫组织提供的中央漏洞管理和修复服务的日常执行。这包括跟踪和协调所有修正活动
您的部分活动将是报告关键指标,以了解业务部门如何遵守安全要求并查看流程的运行情况
您将负责将新的范围区域加入漏洞管理扫描服务,并不断寻求改进和完善服务
您将与第三方供应商联络,并建立/维持良好的工作关系
作为我们CISO组织的一部分,您将与网络安全防御中心,安全治理以及我们的IT运营部门密切合作
Digitalization will be a true part of BASF’s DNA that creates new exciting customer experiences and business growth as well as drives efficiencies in processes. Global Digital Services is supporting BASF business in Digitalization transformation. Our mission is to drive forward the digital transformation of BASF, providing innovative, global and high-quality digital products and services through a strong agile culture. The Digital Hub Nanjing is one of our global key locations to deliver regional and global solutions for BASF.
In this role, you will focus on the following objectives
Scanning service:
Collaborate with process managers to create and optimize processes & tools used for scanning of in-scope environments for vulnerabilities. Includes application, device and webapp scanning targets and the process used to ingest vulnerability information into Archer for processing
Management service & mailbox:
Deliver input on best practice process set-up to handle vulnerability requests & coordinate activities regarding IBP inquiries into the mailbox
Operationalization for future products:
Recommend additional products/assets to onboard into the vulnerability management process incl. additional changes & data collection needed for Archer
Advisory service:
Create and operate the process for the distribution of vulnerability advisories to product owners
Attack surface management service:
Design and provide advice on all processes related to the ASM tool (to be onboarded) incl. on interaction with all relevant stakeholders
You will be responsible for the day-to-day execution of our central vulnerability management and remediation service offered to our BASF organization. This includes the tracking and coordination of all remediation activities.
Part of your activities will be the reporting of Key Indicators to see how business units comply to the security requirements and to see how the process is running.
You will be responsible for the onboarding of new scope areas to the vulnerability management scanning service and constantly seek to improve and mature the services.
You will liaise with 3rd party vendors and establish/maintain good working relationships.
As part of our CISO Organization you will closely work together with the Cyber Security Defense Center, the Security Governance as well as our IT operations unit.
您已完成与学科相关的学位 或通过多年的相关专业经验和进一步培训获得的同等知识和技能
您在漏洞管理或其他相关网络安全领域至少有 1-3 年的经验
您必备技能:
您具有支持攻击面管理 (ASM) 工具和流程的经验,包括集成到漏洞管理、GRC 和升级管理
您可以在跨国/全球团队中独立工作,并带来结构化,分析,以质量为中心的方法
信息安全管理实践和相关规范和标准的知识
您具备出色的沟通技巧,能够与巴斯夫整个组织的利益相关者保持一致和沟通
自信的中英文沟通,包括口语和书面表达能力
希望您拥有:
公认的认证证明,如CISSP,CISM,CRISC,CISA或其他将是一个加分项
You have completed a subject-related university/technical college degree in (business) informatics or equivalent knowledge and skills acquired through many years of relevant professional experience and further training.
You have a minimum of 1-3 years’ experience in vulnerability management or other relevant cyber security fields
Mandatory
You have experience supporting Attack Surface Management (ASM) tools and processes, including integration into vulnerability management, GRC, and escalation management
You can work independently in a multinational / global team and bring a structured, analytical, quality-focused approach with you
Practice in information security management and knowledge of relevant norms and standards.
You have great communications skills to align and communicate with stakeholders throughout BASF's organization
Confident communication in Chinese and English, both spoken and written
Nice to have
Proof of recognized certifications such as CISSP, CISM, CRISC, CISA or others would be a plus.
巴斯夫中国数字化中心于2020年在南京成立。作为全球数字中心的重要部分,中国中心正在迅速发展中,未来将会有更多岗位开放。巴斯夫专注于数字化和创新的IT解决方案,以增强巴斯夫在中国的IT化和专业化,为巴斯夫带来了一支全方位的数字化人才团队,在中国独特的数字化环境中创造解决方案。中心还为湛江一体化基地等大型项目的智能制造做出贡献。
在巴斯夫,我们为可持续发展的未来,创造化学新作用。我们将经济成功与环境保护相结合。我们肩负社会责任。巴斯夫集团超过110,000名员工为巴斯夫的成功做出了贡献。我们的客户遍布世界上几乎所有行业和几乎每个国家。我们的产品组合分为六个部分:化学品,材料,工业解决方案,表面活性剂,营养与护理以及农业解决方案。巴斯夫2020 年销售额为 590 亿欧元。更多信息请见 www.basf.com。
Digital Hub China was founded in 2020 in Nanjing. As part of the Global Digital Hub Verbund, the hub is rapidly growing with a target of a three-digit number of employees in coming years. Focused on digitalization and innovative IT solutions to enhance BASF’s IT portfolio and expertise in China, it brings an all-around capable team of digital talents to create solutions in the context of China’s unique digital landscape to BASF. It also contributes to the smart manufacturing endeavors for the new mega project in Zhanjiang.
At BASF, we create chemistry for a sustainable future. We combine economic success with environmental protection and social responsibility. More than 110,000 employees in the BASF Group contribute to the success of our customers in nearly all sectors and almost every country in the world. Our portfolio is organized into six segments: Chemicals, Materials, Industrial Solutions, Surface Technologies, Nutrition & Care and Agricultural Solutions. BASF generated sales of €59 billion in 2020. Further information at www.basf.com.
BASF Asia-Pacific Service Center is based in Malaysia, we may reach you via Malaysia phone number.
请时刻警惕任何可能的招聘欺诈行为!请注意,巴斯夫绝不会在任何情况下向候选人以任何形式收取任何费用。
A unique total offer: you@BASF
At BASF you get more than just compensation. Our total offer includes a wide range of elements you need to be your best in every stage of your life. That’s what we call you@BASF. Click here to learn more.
A unique total offer: you@BASF
At BASF you get more than just compensation. Our total offer includes a wide range of elements you need to be your best in every stage of your life. That’s what we call you@BASF. Click here to learn more.
Working at BASF: We connect to create chemistry
We are proud of strong history of innovation, which has helped make us who we are today – the world's leading chemical company. Every day, our global team of over 120,000 individuals work together to turn visions for sustainable solutions into reality by connecting with one another and sharing our knowledge.
The right people are crucial for our sustainable success. We aim to form the best team by bringing together people with unique backgrounds, experiences and points of view. Our differences make us stronger and more vibrant. And an open, creative and supportive work environment inspires us to achieve exceptional results.
About BASF
Find out what BASF has to offer as an employer and why you should join our team.
Your application
Here you find anything you need to know about your application and the application process.
Contact us
You have questions about your application or on how to apply in Europe? The BASF Talent Acquisition Europe team is glad to assist you.
Please note that we do not return paper applications including folders. Please submit copies only and no original documents.
NANJING,CN,210000