Job description:
1.Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures, and standards to validate maintenance of secure configurations.
2.Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.
Job requirements:
1.Bachelor’s degree in computer science or relevant majors, with business and IT audit or compliance experience desired. Knowledge and understanding of ISO27001 series, GDPR, NIST, and SOC-2 information security standards and/or frameworks.
2.Familiar with public clouds such as AWS and Azure, and understand the particular security/compliance challenges facing IT infrastructure running on public cloud.
3.Ability to maintain security documentation and manuals.
4.Bilingual in English and Mandarin to facilitate collaboration across regions.
5.Excellent written and verbal communication skills.
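Hiring department:
Xiaomi
Work location:
Singapore
Interview advice:
The interview for the information security compliance intern role focuses on the depth of your understanding of international security standards and your ability to apply them in practice. Unlike ordinary IT roles, this position requires you both to interpret framework clauses and to analyze compliance risk in a public cloud environment. Interviewers will pay particular attention to how you turn theoretical standards into concrete security controls, for example a practical case of implementing GDPR data protection requirements on AWS. Prepare two core items in advance: first, use the STAR method to organize the security compliance experience from your past projects, and even for experience that is not directly related, highlight your analytical reasoning; second, design 1-2 solution frameworks for public cloud security scenarios, for example how to use the NIST CSF to address multi-tenancy risk on Azure. When answering, switch between Chinese and English naturally and fluently, since this is important evidence of your ability to collaborate in a multinational team. You can bring security documents you have written as a portfolio, which demonstrates your documentation skills better than a description alone.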