Project Engineer (PS:COM-COE)/项目工程师（工业信息安全）

I.      Position Summary

1. Responsible for the execution of industrial product and system cyber security projects, industrial information security risk analysis, evaluation, testing, and certification work.

负责工业产品和系统网络安全项目的执行，工业网络安全风险分析，评估，测试和认证工作

2. Responsible for operation of Cyber security Lab and maintain accreditation.

负责工业网络安全实验室运行和实验室资质的维护。

3. Participate in research on cutting-edge technologies in the field of cyber security, including tracking and researching

relevant advanced technologies, and establish localized cyber security assessment services and systems.

参与网络安全领域前沿技术研究，包括对相关先进技术的跟踪与研究，建立被本地化的网络安全评估服务和体系

II.      Job Responsibilities

1. Implementation of industrial information security projects, and assist customers in grading and filing, gap analysis,

scheme design, security rectification, management system and other related work (30%)

负责工业网络安全项目实施，协助客户完成定级备案、差距分析、方案设计、安全整改、管理

制度等相关工作 (30%)

2. Provide cyber security test such as penetration test, vulnerability scanning and code audit (30%)

渗透测试、漏洞扫描和代码审计等安全服务 (30%)

3. Maintain and extend cyber security lab accreditation.(20%)

维护和扩展工业网络安全实验室资质 (20%)

4. Track and study the development trends, policies, regulations, and new technological requirements of industrial

information security, evaluate and optimize relevant security services; Capability requirements (10%)

跟踪研究工业网络安全发展趋势、政策法规和新技术要求，评估优化相关安全服务； 能力要

求 (10%)

5. Complete other tasks assigned by the department manager (10%)

完成部门经理布置的其他任务 (10%)

III.      Job Requirements 

1、Bachelor's degree or above in automation/industrial control, computer related major

自控/工控，计算机类相关专业，本科生及以上学历

2、 Familiar with the technical principles and related technological trends of information security, have a deep

understanding of information security implementation methods and means, and be familiar with the technical

parameters and communication interfaces of information security equipment

熟悉网络安全的技术原理及相关技术趋势，对网络安全实现方法、实施手段有深入理解，熟悉

网络安全设备的技术参数、通信接口；

3、At least 3 years experience in a third-party testing lab or cyber security project is a plus.

有三年第三方工作经验或从事网络安全项目优先

4、 Familiar with relevant domestic and international standards and specifications for industrial information security, such as IEC62443, EN18031, NIST SP800-82, ISA Secure, industrial control and other related standards is a plus.

熟悉工业网络安全国内、外相关标准和规范，如：IEC62443、EN18031、NIST SP800-82、ISA Secure、工控等保等标准优先

5、Good communication and expression skills and a team spirit

具有良好的沟通表达能力和团队合作精神

6、Can work independently and efficiently; can work under pressure.

可独立高效工作，有承压能力。