• Develop and implement data security and privacy policies, protocols, and procedures to protect sensitive data across the organization.

• Conduct risk assessments and audits to identify vulnerabilities in data management systems and recommend enhancements.

• Collaborate with IT and other functions to ensure the integrity and security of data storage, transmission, and processing.

• Monitor security and privacy incidents, investigate breaches, and coordinate response efforts to mitigate risks and protect company data.

• Provide training and awareness programs for employees regarding data security and privacy best practices and compliance requirements.

• Stay updated on the latest industry trends, regulations, and technologies related to data security, and implement necessary changes to ensure compliance.

• Maintain documentation related to data security policies, incident reports, and audit findings for accountability and transparency.

• Lead projects that redefine data security and privacy (including viehcle data security, corss board data transfer) regulation in China region.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, data protection or a related field.

• Minimum of 8 years of experience in data security, information security management, data protection or a related field.

• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA) , CIPP-E, CIPP-A, CIPP-CN are highly preferred.

• Strong understanding of cyber, IT and data protection regulations (e.g., CSL, DSL, PIPL,GDPR, HIPAA) and their application within corporate environments.

• Proven experience with risk assessment methodologies, security frameworks, and data encryption technologies.

• Excellent analytical, problem-solving, and communication skills, with the ability to convey complex security concepts to non-technical stakeholders.