职位描述

Your tasks would be:
1. Track the updates of the PIPL, DSL & CSL and relative regulations and security measurements. Lead the assessment on new published detail rules/regulations and work out related strategies to ensure MAHLE China meets law and regulation’s requirements.

2. As the information Protection Manager, responsible for the supervision of the compliance of local data security processes with global standards and local legal requirements.
3. Work with global Data & Information Governance team to ensure global data governance policy/standards/guidelines has no conflict with China DSL & CSL regulation requirements.
4. Responsible for the implementation of processes related safe storage, de-identification, encryption, access control and periodic deletion of personal information throughout its life cycle.
5. Be responsible for local data security policies and processes related awareness training.
6. Collaborate with BU/departments to ensure that data security requirements are integrated into business processes and practices.
7. Co-work with Data Privacy Coordinator on all CBDT related matters and act as major contact person for external queries.
8. Review and approve data security related risks of MAHLE China Commercial and drive the remediation of the risks.
9. Work with data privacy coordinator, cyber security protection officer and global security together to handle data security related incidents and manage internal and external communication, ensure we meet PIPL, DSL & CSL law regulation requirements.
10. Take the role as PM to collaborate with stakeholders of CBDT in-scope systems on all related information collection and **sible remediation execution.


We hope you are:
1. Computer Science or information management background is a must
2. Bachelor’s degree or above, over 8 years’ experience and track-record in data governance and data privacy with solid digital & tech knowledge
3. Comprehensive knowledge and experience of Data Privacy and Information Security
4. Relevant data privacy or privacy certification such as CIPP (preferred)
5. Solid knowledge of the Cybersecurity Law, Personal Information Protection Law and Data Security Law of the People's Republic of China
6. Corporate experience and Compliance experience is highly preferred
7. Ability to develop and deliver training materials
8. Strong written and verbal communication skills
9. Fluent in both written and spoken English/Mandarin