- 目錄
第1篇 設(shè)計部門安全職責(zé)
(1) 在進(jìn)行新建、改建、擴(kuò)建和技術(shù)改造項目設(shè)計時,保證有關(guān)安全、環(huán)保、工業(yè)衛(wèi)生等 技術(shù)措施同時設(shè)計、施工、竣工驗收。嚴(yán)格執(zhí)行各專業(yè)的國家安全技術(shù)規(guī)范標(biāo)準(zhǔn)。
(2) 負(fù)責(zé)安全技術(shù)措施項目的設(shè)計工作。
(3) 組織設(shè)計審查時,應(yīng)有安全技術(shù)、消防、工業(yè)衛(wèi)生、環(huán)保和工會等部門代表參加 。
(4) 二十九、法律合同部門的安全職責(zé)
(5) 認(rèn)真執(zhí)行健康、安全與環(huán)境保護(hù)的法規(guī)標(biāo)準(zhǔn),把維護(hù)健康、保證安全與環(huán)境保護(hù),納入訂立各種生產(chǎn)建設(shè)和生產(chǎn)維修項目合同的議事日程,使安全與環(huán)境保護(hù)得到法律合同的保護(hù)。
(6) 在簽定和審定新建、擴(kuò)建和改建和項目維修合同時負(fù)責(zé)審查安全計劃措施。
(7) 對已簽訂了合同的生產(chǎn)建設(shè)和維修項目的施工過程進(jìn)行安全性監(jiān)督,確保工和的安全性和牢固性。
第2篇 設(shè)計部門的安全職責(zé)
(1) 在進(jìn)行新建、改建、擴(kuò)建和技術(shù)改造項目設(shè)計時,保證有關(guān)安全、環(huán)保、工業(yè)衛(wèi)生等 技術(shù)措施同時設(shè)計、施工、竣工驗收。嚴(yán)格執(zhí)行各專業(yè)的國家安全技術(shù)規(guī)范標(biāo)準(zhǔn)。
(2) 負(fù)責(zé)安全技術(shù)措施項目的設(shè)計工作。
(3) 組織設(shè)計審查時,應(yīng)有安全技術(shù)、消防、工業(yè)衛(wèi)生、環(huán)保和工會等部門代表參加 。
(4) 二十九、法律合同部門的安全職責(zé)
(5) 認(rèn)真執(zhí)行健康、安全與環(huán)境保護(hù)的法規(guī)標(biāo)準(zhǔn),把維護(hù)健康、保證安全與環(huán)境保護(hù),納入訂立各種生產(chǎn)建設(shè)和生產(chǎn)維修項目合同的議事日程,使安全與環(huán)境保護(hù)得到法律合同的保護(hù)。
(6) 在簽定和審定新建、擴(kuò)建和改建和項目維修合同時負(fù)責(zé)審查安全計劃措施。
(7) 對已簽訂了合同的生產(chǎn)建設(shè)和維修項目的施工過程進(jìn)行安全性監(jiān)督,確保工和的安全性和牢固性。
第3篇 安全設(shè)計師崗位職責(zé)
高級安全設(shè)計師 senior security architect,band 9
position description:
? security risk assessment and review of lenovo systems and applications to drive adoption of application and infrastructure security controls and best practices
? security risk assessment and review of 3rd party systems and applications to ensure the standard and proprietary application security controls adopted and compliant with lenovo requirements
? security architecting, solution design and implementation
? investigate, coordinate and address information security incidents
? manage and resolve information security risk issues
? work with internal and e_ternal audits to drive corrective actions in information security
position requirements:
? bs above degree in computer science, information security/assurance/audit, or relevant majors.
? 7+ years security industry e_perience.
? solid understanding of information protection and cyber security principles processes and practices.
? strong technical background and a passion for cyber security.
? ability to master and optimize comple_ processes
? ability to on global cross functional internal and e_ternal teams.
? effective verbal and written communications. proficiency in english and mandarin is a plus.
? one or more relevant it security certifications: cissp, ccsp,cisa, cism.
? one or more below certifications should be a plus: itil, cobit, pmp, iso 27001 (internal/lead) auditor.
required technical skills:
? infrastructure network and systems hardening
? web application security
? vulnerability/penetration testing
? microsoft windows system administration
? microsoft active directory group policy object
? microsoft software update service
? security operations and/or engineering e_perience ? security incident response e_perience
? desirable to have windows server, uni_/linu_ system administration skills (centos, red hat linu_, ai_)
? desirable to have database administration e_perience (ms sql, mysql, oracle)
? application software : symantec sep, tenable nessus, rapid7,wvs,cybereason,malwarebytes, splunk, and other security systems and applications vendors including open source.
? diagnostic software : wireshark, windows command-line, uni_/linu_ command-line, filemon, process e_plorer and other security systems and applications vendors including open source.
? network topologies : ethernet, lan/wan
? network protocols: tcp/ip, netbios/smb, snmp, icmp, smtp, ssh/ftp, rdp, and similar
hands on e_perience with diverse range of security tools such as:
anti-virus,hids, dlp, siem, pki/strong authentication, database technologies, encryption technologies, mobility security, end user computing security tools, vulnerability scanning tools and asset management tools.
demonstrated thorough knowledge and direct e_perience reviewing logs from any of the following: windows event log, linu_ syslog, anti-virus log, hids log, firewalls log.
senior security architect,band 9
position description:
? security risk assessment and review of lenovo systems and applications to drive adoption of application and infrastructure security controls and best practices
? security risk assessment and review of 3rd party systems and applications to ensure the standard and proprietary application security controls adopted and compliant with lenovo requirements
? security architecting, solution design and implementation
? investigate, coordinate and address information security incidents
? manage and resolve information security risk issues
? work with internal and e_ternal audits to drive corrective actions in information security
position requirements:
? bs above degree in computer science, information security/assurance/audit, or relevant majors.
? 7+ years security industry e_perience.
? solid understanding of information protection and cyber security principles processes and practices.
? strong technical background and a passion for cyber security.
? ability to master and optimize comple_ processes
? ability to on global cross functional internal and e_ternal teams.
? effective verbal and written communications. proficiency in english and mandarin is a plus.
? one or more relevant it security certifications: cissp, ccsp,cisa, cism.
? one or more below certifications should be a plus: itil, cobit, pmp, iso 27001 (internal/lead) auditor.
required technical skills:
? infrastructure network and systems hardening
? web application security
? vulnerability/penetration testing
? microsoft windows system administration
? microsoft active directory group policy object
? microsoft software update service
? security operations and/or engineering e_perience ? security incident response e_perience
? desirable to have windows server, uni_/linu_ system administration skills (centos, red hat linu_, ai_)
? desirable to have database administration e_perience (ms sql, mysql, oracle)
? application software : symantec sep, tenable nessus, rapid7,wvs,cybereason,malwarebytes, splunk, and other security systems and applications vendors including open source.
? diagnostic software : wireshark, windows command-line, uni_/linu_ command-line, filemon, process e_plorer and other security systems and applications vendors including open source.
? network topologies : ethernet, lan/wan
? network protocols: tcp/ip, netbios/smb, snmp, icmp, smtp, ssh/ftp, rdp, and similar
hands on e_perience with diverse range of security tools such as:
anti-virus,hids, dlp, siem, pki/strong authentication, database technologies, encryption technologies, mobility security, end user computing security tools, vulnerability scanning tools and asset management tools.
demonstrated thorough knowledge and direct e_perience reviewing logs from any of the following: windows event log, linu_ syslog, anti-virus log, hids log, firewalls log.