You seem to be located in .


ISEC & IT Compliance officer

  • 上海-静安区
  • 学历要求:本科
  • 招聘人数:1
  • 工作经验:3-5年


ISEC & IT Compliance officer


The main responsibility of the ISEC Officer is to support Scania China Group (SCG) management in ISEC and IT compliance matters. This responsibility entails deploying various processes and methods which meet the demands of local legislations and corporate policies.


Job Description:

General ISEC duties

  • Single Point of contact for ISEC at SGC
  • Handle ISEC issues and incidents in SCG
  • Lead and participate as a stakeholder in various IT projects
  • Run Information Risk Assessments for systems and processes
  • Owner of the SCG Information Security Management System (ISMS)
  • Drive setup of governance framework within area
  • Drive work with Information risk management, e.g. ability to categorize information
  • Support business in Business Continuity Management IT


Awareness & Training

  • Increase ISEC awareness within the Scania China Group
  • Design & Conduct trainings in the area of ISEC (e.g. Information risk management)
  • Follow up trainings


ISEC Policies & Guidelines

  • Custodian of the ISEC policies
  • Convener of the IT compliance board
  • Drive implementation of the applicable Scania Group Policies, local and corporate ISec principles, methods, rules and ways of working. 


Legislative and compliance

  • Cooperate with SCG legal functions, central ISEC and Data privacy officer
  • Subject matter expert on applicable current and changing legislation. Advice courses of action 
  • Support business in compliance review of 3rd party relations, by using approved corporate tools and method, e.g. CREW, TISAX.
  • Oversee Information and IT security audits, whether by performed by organization or third-party. 


Data Life Cycle Management (DLCM)

Data Lifecycle management


  • Establish processes, methods and policies to handle data quality over its life cycle
  • Align users and IT professionals

Your profile:

  • University degree in Computer science, preferably within ISEC
  • Extensive Project management experience
  • Minimum 8 years of experience of working with Information Security
  • Excellent command of oral and written English and Mandarin
  • Experience in and knowledge of ISO27001 and similar standards
  • Extensive knowledge of applicable PRC laws and regulations



If you think you fit this description and like the idea of joining a environment with great opportunities for professional development,then please contact us.


Send you application via mail to:


Your application should include a covering letter describing why this would be a good step for you in your career and how you will contribute to the group's success and a CV in English.


We look forward to receiving your application.