UPS Technology Compliance Manager

UPS Technology Compliance Manager

United Parcel Service Singapore Pte Ltd
Other - China
Not Specified
Not Specified

Job Description

UPS China is currently recruiting for a Technology Compliance Manager to be based in Shenzhen, China

This is a high-visibility role. Reporting to the VP of Technology APAC Region and operating within the UPS Technology organization, the China IT Compliance Manager will have management accountability, support and maintain the IT security and compliance management strategy for UPS China District.

This role will also develop, maintain policy, standards, processes and procedures to a level compliant with China Multi-level Protection of Information Security(MLPS) and all other China Cybersecurity Laws, Regulations and standards.

This individual will work with various technical teams in the design and implementation of technology audit, risk assessment and regulatory compliance practices for China. This will include working and aligning with all relevant UPS Corporate IS functions, Information Security, Privacy and Legal functions and various departments in China including compliance, internal auditing, risk management groups.

The role will be required to lead cross-functional teams in performing reviews and tests of IT internal controls to ensure that existing IT systems are operating as designed and that they contain adequate controls to meet all levels of China Cybersecurity and MLPS regulations and standards.

MAIN DUTIES

  • Determine and maintain an inventory of all China Cybersecurity & MLPS regulatory, commercial and organisational technology compliance requirements.
  • Facilitate the creation and modification of all technology compliance policies.
  • Create an IT compliance risk assessment framework and periodically assess the regulatory, commercial and organisational, inherent and residual IT compliance risks.
  • Identify the associated IT compliance control gaps and oversee the documentation, implementation and testing of the entire IT compliance control portfolio.
  • Manage and coordinate all China Cybersecurity and MLPS internal and external audit-related tasks such as ensuring the readiness for audit testing and facilitating the timely resolution of any audit findings.
  • Create a China compliance training and awareness program that periodically educates the requisite end-user community on the relevant China Cybersecurity and MLPS compliance requirements, and certifies their adherence to the relevant IT compliance controls.
  • Work with UPS IT functions and external consultants to understand all China Cybersecurity laws and the goals and objectives of UPS and translate them into IT compliance requirements such as IT security and user access policies and controls specifically for China

  • The Information Technology Compliance Manager will be required to sign off on all official UPS documentary submissions to China regulatory authorities pertaining to Cybersecurity and MLPS matters and will be the official contact technology staff representing UPS in China for such matt

Qualifications

Essential:

  • Minimum Bachelor degree in Computer Science or equivalent or higher
  • At least 6 years of proven experience of developing and submitting IT audit and compliance reports to governing bodies, legal entities and/or external authorities.
  • Experience in planning, organising and developing information technology policies, procedures standards and practices.
  • Experience with common information security management frameworks, such as International Standards Organisation (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
  • Information System Certifications (CISSP/CISM)
  • Significant industry experience of working in IT Security and compliance roles.
  • Experience working with legal, audit and compliance staff.
  • A strong background in IT Disaster Recovery and in developing Business Continuity Plans.
  • Experience in system technology security testing (vulnerability scanning and penetration testing).
  • Excellent interpersonal and communication skills and abilities to effectively communicate with technical and non-technical audiences

Job Details

Employment Types:

Function:

IT

Similar Jobs

Career Advice to Find Better