Responsibilities: 1. Security Implementation: • Install and configure security software, firewalls, intrusion detection systems, and other security tools. • Enforce security policies and procedures to protect data and systems. 2. Vulnerability Assessment: • Conduct regular security assessments and vulnerability scans. • Identify and assess potential security risks and vulnerabilities. 3. Incident Response: • Develop, implement and maintain the incident response plan. • Investigate and respond to security incidents and breaches. • Document and report security incidents to appropriate stakeholders. 4. Access Control: • Manage user access and permissions for all IT related systems. • Ensure that only authorized individuals have access to sensitive data and systems. 5. Security Awareness and monitoring: • Arrange annual cybersecurity training for all employees, contractors and consultants. • Promote a security-conscious culture within the organization. • Monitor network and activity for signs of security breaches. • Respond to alerts and anomalies as they occur. 6. Policy Development and Security Documentation: • Develop and update security policies, standards, and guidelines. • Ensure compliance with relevant regulations and industry standards. • Maintain detailed records of security incidents, measures, and policies. • Produce reports on security status and compliance for management. 7. Security Auditing: • Work with external auditor to conduct regular security audits to assess and improve security controls. • Ensure the compliance with availability, integrity, confidentiality principles. 8. Service Desk • Provide remote support for employees based in US/Singapore who work remotely from home. • Onsite support for China employees in Shanghai and Jinan. • Install and configure end user’s working computer, arrange the delivery and collection. Qualifications: • Bachelor's degree or equivalent education background in Computer Science, or a related field. • Relevant certifications such as CISSP, CISM, or CompTIA Security (preferred). • Proven experience in information security or related roles. • Strong knowledge of security technologies, tools, and best practices. • Familiarity with regulatory requirements, compliance standards and industry standards, e.g. ISAE 3402, Type 2 or SSAE 16 SOC2. • Excellent problem-solving and communication skills. • Ability to work both independently and as part of a team. • Good written and verbal English communication skills are mandatory. Additional Skills (Optional): • Knowledge of ethical hacking and penetration testing. • Experience with security incident response tools. • Expertise in cloud security and mobile device security. • Understanding of network security and encryption protocols.