Job content: (A-level agency information security full-time staff)
1.About ISO system:
1-1. NCCST's ISO 27001, ISO 20000, BS 10012(ISMS, SMS, PIMS) management system education and training.
1-2. Information asset inventory, risk assessment, management review meeting tracking and control
1-3. Internal and external audit
1-4. Business Continuity Plan (BCP) management, social engineering, information security health diagnosis, vulnerability scanning and penetration testing management examination tracking
2. System protection and control review
2-1. New system classification, online control item review, risk assessment
2-2. Maturity assessment of information security governance in technical service center
2-3. Writing and revising the information security maintenance plan of the whole center
2-4. Signing of operation level agreement (OLA) and service level agreement (SLA)
2-5. Service catalog, service inventory, satisfaction analysis
2-6. Collection and tracking of personal information goals (PIMS-related)
2-7. In 1112, the new ISO system introduction plan of the National Information Security Research Institute and the adjustment of the relevant management system four documents