Head of Information Security (English and Chinese)
Role summary
GOFO is seeking a Head of Information Security to lead their security initiatives. This role involves implementing and managing the company's Information Security Management System (ISMS) and developing data security and privacy policies aligned with US and Canadian regulations. The Head of Information Security will establish systems for vulnerability identification, monitoring, and incident response, and ensure security standards are integrated into the software development lifecycle. This position requires 5+ years of experience in information security, including compliance management, security tool operations, and vulnerability scanning. The role also involves building and leading the information security team. A Bachelor's degree in Computer Science or Information Security is required.
Company Overview
:
GOFO collaborates with leading Delivery Service Providers (DSPs) to deliver exceptional last-mile delivery services. We ensure reliable, cost-efficient parcel deliveries with real-time tracking and optimized routing. By leveraging advanced technology, we streamline the delivery process, enhancing transparency and flexibility.
Operating in high-density cities across key regions such as Los Angeles, Atlanta, Miami, and Puerto Rico, we tailor our services to meet the specific needs of e-commerce and local businesses. Our customer-centric approach guarantees timely and dependable delivery experiences.
Responsibilities:
1. Framework Implementation:
Promote and implement the company's information security management system (ISMS) in accordance with compliance and information protection requirements.
2. Regional Compliance:
Develop and implement internal data security and privacy protection policies, processes, and related managerial and technical measures based on the legal and regulatory requirements of the countries where the company operates, such as the United States and Canada.
3. Security Infrastructure:
Establish and execute systems and technical measures for security vulnerability identification, protection, monitoring, and incident response to ensure the secure operation and defense strategies of hardware, software, and related terminal systems and devices.
4. SDLC Security:
Implement security standards, audit processes, and vulnerability detection requirements during software development and system iteration to mitigate system and data security risks.
5. Team Leadership:
Build and manage the company's information security team.
Requirements:
1. Education:
Bachelor’s degree or above in Computer Science, Information Security, or related fields.
2. Experience:
5+ years of hands-on experience in information security, with a proven track record in security compliance management (including industry-specific standards), security tool operations, and vulnerability/Web application scanning.
3. Analytical Skills:
Strong analytical and problem-solving skills, with the ability to assess security risks, investigate complex incidents, and develop actionable remediation plans.
4. Communication:
Ability to translate technical security concepts into non-technical language for effective communication with cross-functional stakeholders.
5. Project Management:
Excellent project management skills, with the ability to prioritize tasks effectively (e.g., compliance audits, incident response, scanning schedules) and drive multi-task execution in a fast-paced work environment.