You will:
- Oversee the implementation and maturation of security and privacy controls in China against local and global information security and data protection regulations (e.g. PIPL, DSL, CSL) and industry-recognized security frameworks and standards (e.g., NIST CSF, NIST 800-53, and ISO 27001/2)
- Engage with business partners and Dell’s China leadership team, customers, other external stakeholders and governmental authorities, inspiring confidence in Dell’s overall security and privacy postures and brand, through direct consultations, industry engagements, and government registrations and filings
- Coordinate country-specific compliance activities with existing Security & Resiliency and Privacy programs and initiatives related to information security and data protection, including: implementation of Dell’s incident response plans; completion of data protection and security risk assessments; review of cross-border data transfers; facilitation of security and privacy education and training drills; and handling of privacy and data security complaints
- Integrate security, privacy, and resiliency risk insights and advice into regional business operations through forward-leaning engagement and deep integration with regional business unit and IT management activities to determine corrective action plans in support of Dell’s information security and privacy compliance objectives.
- Develop and maintain comprehensive documentation of evaluations performed and findings, risks and/or issues identified.
Essential Requirements
- 8+ years of experience in areas information security/cybersecurity and/or data protection/privacy with foundational knowledge of general application, cloud and network security concepts
- Written and verbal fluency in English and Mandarin
- Strong knowledge and understanding of information security, data protection and privacy practices and policies, including Information security and privacy frameworks, standards, best practices and information security and data protection regulations in China and APJ region
- Ability to drive and integrate complex, multi-functional, cross-organizational initiatives
- Demonstrates thought leadership and possesses best practice awareness across functional areas of responsibility
Desired Requirements
- Experience liaising with governmental officials, regulatory agencies and customers in China and with Legal and Government Affairs teams on security and data protection issues
- Information Security Certification(s) – e.g. CISSP, CISM, CCSP, CCSK, AZ-500, MS-500 or
International Association of Privacy Professionals (IAPP) Certification(s) – e.g. CIPP/Asia, CIPM, CIPT, FIP
- Bachelors or Masters degree in Computer Science, Information Technology, Information Security or related field