CSI, Threat Intelligence Analyst (000665)

BASF

Digital Hub China in Nanjing attracts, grows, and develops passionate people who will meaningfully impact the digital future of BASF. Come join us and be a part of our digitalization journey.

Objectives:

Threat assessment:

  • Ingest intelligence from various sources (e.g., internal, OSINT, CTI vendors, ISAOs/ISACs) to cluster and track threat activity & develop an aggregated threat landscape
  • Perform threat assessments of BASF’s current threat landscape
  • Identify threat actor tactics, techniques, and procedures (TTPs)
  • Generate tactical, operational, and strategic threat intelligence reports and dashboards to provide to stakeholders

Threat intelligence monitoring:

  • Document threat landscape including threat actor tracking, vulnerabilities, trends, attack vectors, and other indicators to support threat monitoring

Stakeholder management:

  • Provide threat intelligence advice to other teams to enable them to take initiatives and make informed decisions in their respective units
  • Communicate threat intelligence findings to the respective team so that action can be taken quickly

Main Tasks:

  • Determine intelligence requirements and integrate all internal stakeholders into the Threat Intelligence Office’s threat sharing communities.
  • Develop and support the relationship with external stakeholders and partners regarding sharing of incidents and threat information.
  • Collect, process, and analyze information to generate threat intelligence for BASF.
  • Disseminate threat intelligence to senior management and other key stakeholders by providing verbal briefings, visual presentations, and written reports, including the likelihood and impact of the threats identified.
  • Work closely with the Incident Response team to enhance analyses and provide additional context.
  • Create and present individual threat profiles for threat actors to required stakeholders.
  • Manage intelligence vendors’ feeds and reports and assess their performance.
  • Select, steer and influence CTI suppliers to deliver according to our security requirements.

Job Requirements:

  • Degree in applied IT, computer science or a comparable technical apprenticeship.
  • At least one year of professional experience in cyber security / threat intelligence

Mandatory

Knowledge in

  • Cyber advanced persistent threats, actors, infrastructure, and TTPs
  • Security infrastructure and networking including protocols, known ports and services
  • Cloud security including tools and methodologies
  • The following security related technologies: TIP, IPS, IDS, SIEM, firewalls, DNS, encryption, HIDS, NIDS, and vulnerability management
  • Strong problem-solving skills, good analytic methodology toolbox, thinking out of the box
  • Organized, detail-oriented and strong multi-tasking skills
  • Confident communication in Chinese and English, both spoken and written

Nice to have

Preferred product related knowledge

  • ThreatQ Platform
  • MISP

Preferred certifications

  • GCTI (GIAC Cyber Threat Intelligence) or CTIA (Certified Threat Intelligence Analyst)
  • ISC2 CISSP (Certified Information Systems Security Professional)

Digital Hub China was founded in 2020 in Nanjing. As part of the Global Digital Hub Verbund, the hub is rapidly growing with a target of a three-digit number of employees in coming years. Focused on digitalization and innovative IT solutions to enhance BASF’s IT portfolio and expertise in China, it brings an all-around capable team of digital talents to create solutions in the context of China’s unique digital landscape to BASF. It also contributes to the smart manufacturing endeavors for the new mega project in Zhanjiang.

At BASF, we create chemistry for a sustainable future. We combine economic success with environmental protection and social responsibility. More than 110,000 employees in the BASF Group contribute to the success of our customers in nearly all sectors and almost every country in the world. Our portfolio is organized into six segments: Chemicals, Materials, Industrial Solutions, Surface Technologies, Nutrition & Care and Agricultural Solutions. BASF generated sales of €59 billion in 2020. Further information at www.basf.com.

BASF Asia-Pacific Service Center is based in Malaysia, so we may contact you from a Malaysian phone number.

Please stay alert to possible recruitment fraud at all times! Note that BASF never charges candidates any fee, in any form, under any circumstances.

Confirmed 3 hours ago. Posted 30+ days ago.