Job Description
Data Security Operations Engineer - Permission Operations
Location: London / Hong Kong / Beijing
Responsibilities and Goals:
* Permission Lifecycle Management: Lead the design, implementation, and continuous optimization of enterprise-level permission policies, establish policy iteration mechanisms, and ensure compliance with security standards such as ISO 27001 and business requirements.
* Security Risk Monitoring and Response: Use tools such as SQL/Python to analyze user behavior and permission log data, build real-time monitoring systems, develop emergency response procedures for security incidents related to permissions, and drive automation in incident resolution.
* Cross-Departmental Governance: Collaborate with product, R&D, and business departments, lead the technical upgrades of permission management modules (such as RBAC, TBAC, ABAC model optimization), and promote the implementation of fine-grained permission solutions in microservice environments.
* Compliance Auditing and Effectiveness Evaluation: Conduct regular permission compliance audits and generate governance reports; design quantitative metric systems to balance security controls with user experience (e.g., validating policy effectiveness through A/B testing).
* Cutting-Edge Technology Research: Track emerging technologies such as Zero Trust and AI-driven permissions, explore their application in DevSecOps, big data platforms, and other scenarios.
Requirements:
* Bachelor’s degree or above in Network Security, Computer Science, or related fields.
* Possess offensive and defensive thinking with an understanding of mainstream security threats and defense strategies.
* Proficient in data analysis tools such as SQL, Spark, Python.
* Excellent project management skills with experience in large-scale internet operations, microservice architecture, big data analysis, and security compliance is a plus.