Job Description: We are looking for a Senior Security Specialist to lead security governance efforts across PT and strengthen our cloud security posture, especially in Microsoft Azure environments. Our ideal candidate has a strong foundation in security governance (e.g., frameworks, policies, vulnerability management) and working experience with cloud security. However, we are also open to experienced cloud security experts who are eager to expand into governance and compliance responsibilities. This role is critical in aligning security strategy with business and regulatory requirements, supporting secure cloud operations, and collaborating with both internal stakeholders and external security consultants. Key Responsibilities Security Governance (Primary Focus) ► Define and implement the department’s security governance strategy, aligned with internal policies and industry standards (e.g., NIST CSF, ISO 27001). ► Coordinate vulnerability management programs, including prioritization, remediation tracking, and risk reporting. ► Oversee the development and enforcement of security policies, standards, and procedures. ► Support compliance audits and risk assessments, translating technical risks into business terms. Cloud Security (Secondary Focus / Optional Priority) ► Collaborate with cloud teams to enhance Azure security posture, implement controls, and maintain visibility. ► Contribute to secure configuration and management of Azure services, including Defender for Cloud, Sentinel, Azure Policy, RBAC, PIM, and monitoring tools. ► Provide guidance during cloud security incidents and support incident response coordination and root cause analysis. ► Support security by design in cloud-based projects and deployments. Communication ► Serve as a bridge between security consultants, engineering teams, and business stakeholders. ► Resolve incidents, especially those involving cloud platforms or external threats. ► Present complex security topics clearly to both technical and non-technical audiences. ► Support a culture of continuous improvement, risk awareness, and accountability in security practices. Job Qualification: Must-Have Proven experience in security governance, including: Policy and control frameworks (e.g., NIST CSF, ISO 27001) Vulnerability management lifecycle Risk management and compliance Working knowledge or hands-on experience with Azure or other public cloud. Ability to coordinate cross-functional teams (incl. external vendors) Familiarity with web application and API security (e.g., OWASP Top 10, secure coding practices). Nice to Have / Alternate Profiles Deep Azure cloud security expertise, ideally with experience in cloud security design, implementation, and tooling. Experience with DevSecOps, cloud-native security tooling, or automation of cloud security controls. Background in incident response in hybrid or cloud-native environments. Education: Bachelor’s degree in Computer Science, Information Technology, or a related field; Certifications (Preferred, Not Required) AZ-500 – Microsoft Azure Security Engineer Associate SC-100 – Microsoft Cybersecurity Architect Expert CISSP, CCSP, or similar security governance certifications 博世集團網上招聘數據處理同意聲明 個人信息及目的：你的如下個人信息將被處理並用於招聘：姓名、電子郵箱
、電話號碼

、所在地區
、經驗和教育信息、簡曆等應聘者自主提交的附件信息、證件號、職位、部門、計劃入職日期
、第一次勞動合同持續時間、工作地點、月薪
、年薪
、浮動獎金比例、餐貼、車貼。 boshijiangyijuxiangguandeshujubaohufagui，zaiquanqiufanweineiduinindeshujujinxingbaomi。zhaopinliuchengzhong
，nindegerenxinxizhiyouzaibixushicaihuibeitigonggeiboshiyiwaidedisanfangjigou(如代理機構)。博世精心挑選了第三方機構並與之簽訂了保密合同。博世采取了種種保密措施以保護您的數據

，確保其不會遭受操縱、丟失、破壞、未經授權的訪問或泄漏。我們的安全措施將隨著新技術的應用而不斷升級。您的本地瀏覽器和我們的人才招募係統之間的數據傳輸通過https加密。 特定職位申請：申請博世集團的職位就意味著您將自己的個人信息提供給博世集團旗下相應的法律實體（具體請見博世集團法人清單）。請qing注zhu意yi，若ruo有you任ren何he文wen件jian或huo資zi料liao變bian更geng，請qing在zai所suo有you申shen請qing書shu裏li一yi並bing變bian更geng。人ren力li資zi源yuan部bu門men的de員yuan工gong可ke能neng與yu您nin聯lian係xi
，詢xun問wen您nin是shi否fou同tong意yi將jiang您nin的de求qiu職zhi申shen請qing轉zhuan向xiang博bo世shi集ji團tuan內nei部bu另ling一yi合he適shi職zhi位wei。如ru果guo您nin申shen請qing了le特te定ding職zhi位wei
，那na麼me隻zhi有you在zai您nin同tong意yi的de情qing況kuang下xia，博bo世shi才cai會hui將jiang您nin的de求qiu職zhi申shen請qing轉zhuan向xiang另ling一yi職zhi位wei。 您可以隨時撤回求職申請，博世將根據相關法律刪除您的個人信息。與您的申請相關的所有資料將被保留至24個月。您的權利：若您希望停止向博世提供您的個人信息，可聯係我們或通過博世網上招聘數據隱私聲明中的BKMS係統提出申請。您可以在SmartRecruiters平台查閱和修改您的簡曆。您對您的個人信息的處理享有知情權、決定權，您有權限製或者拒絕我們對您的個人信息進行處理。您還可以更正
、補充您的個人信息。 跨境傳輸：為了實現前述目的

，我們所收集的您的個人信息可能會在多個國家或地區間進行跨境轉移
，例如德國、新加坡。 德國：羅伯特-博世有限公司（德國格寧根市羅伯特博世廣場1號（Robert-Bosch-Platz 1, Gerlingen-Schillerhohe, Germany，郵編：70839），用於集團統一招聘管理（博世中國與數據接收方均基於該目的開展數據出境活動； 英國：SmartRecruiters（英國伯克郡溫莎亞瑟路聖斯蒂芬大廈 郵政區碼: SL4 1RU），用於招聘、後期交流聯係及分享職位/活動信息
、潛在人才社區邀請。 您可通過上述聯係方式依法向境外接收方行使您在個人信息處理活動中的權利。 存儲您的個人信息：我們將僅在為實現目的必要的範圍內以及法律法規要求的時間內保留您的個人信息。 雇傭：被雇傭後，您提供的數據將被從當前招聘係統轉移至職位所屬公司的人力資源管理係統。聯係方式： 請通過訪問博世中國官方主頁：博世在中國＞加入博世＞工作機會
，在網上招聘數據隱私聲明中“9.聯係方式” 博世集團法人清單： 請通過訪問博世中國官方主頁：博世在中國＞加入博世＞工作機會，在網上招聘數據隱私聲明中獲取現階段使用網上招聘係統的博世集團法人（第五頁）