Technology & Digital

Cyber Security Manager

Job ID: 96315
  • Shanghai
Apply Now Apply Later


Do you want to work on complex and pressing challenges—the kind that bring together curious, ambitious, and determined leaders who strive to become better every day? If this sounds like you, you’ve come to the right place.

Your Impact

You will craft detailed technical security designs and develop security products that enhance the enterprise security posture while adhering to cybersecurity standards and industry best practices. Additionally, you will drive the effective implementation of cybersecurity standards by developing a pragmatic technical controls framework and partnering with various product teams in China.  
You will develop and operationalize the product security accreditation process, conducting security technical assessments to ensure security is integrated into the development lifecycle of products. You will also develop and maintain security accreditation documentation and artifacts. 
Your responsibilities will also include designing, implementing, and maintaining security controls and best practices for cloud environments, particularly AWS and Azure. You will develop and enforce cloud security policies and procedures, and engineer IAM solutions such as privileged access management (PAM). Additionally, you will assist in configuring, securing, and fine-tuning data loss prevention (data leak protection) solutions based on firm policies. 
Exhibiting a distinct customer focus, you will drive awareness of security policies, standards, guidelines, and best practices across multiple groups. You will recommend new technologies to enhance system security and suggest strategies for improving security in new system designs. 
Finally, you will contribute to the development and growth of security engineers in the community.

Your Growth

You will be part of global Cybersecurity team and work out of our Shanghai office. 
In this role, you will act as the regional cybersecurity engineering lead, working with IT product teams to design, deploy, validate, and maintain technical security requirements. You will also collaborate with global Cybersecurity teams to develop fit-for-purpose security processes and solutions. 

Your qualifications and skills

  • Bachelor's degree is required and master's degree is preferred in IT/computer science, information security
  • 7+ years of relevant experience, especially in cybersecurity engineering.
  • Thorough understanding of multiple core security domains, such as network security, API security, cloud security, and identity access management.
  • Deep security expertise in cloud security of AWS and Azure; hands-on expertise in hardening security policies and tools in cloud platforms.
  • Ability to develop and maintain infrastructure as code (IaC) scripts and templates using tools such as Terraform.
  • Hands-on experience in establishing product security accreditation process and executing technical security reviews against products.
  • Expertise in Azure Entra ID, AWS IAM, SAML; experience in enabling Zero Trust security framework via IAM is a plus.
  • Experience in developing Data Loss Prevention tooling and solutioning is a plus.
  • Familiarity with China regulatory compliance, such as MLPS, Data Security Law, is a plus.
  • Highly collaborative, able to work with diverse teams in different functions and regions.
  • Excellent written and verbal communication skills with the ability to communicate security and risk related concepts to both technical and non-technical audiences.
  • Fluent in English and Mandarin.
  • Preferred certifications: AWS Security Specialty, Azure Security Engineer, CCSP, or CISSP.

Please review the additional requirements regarding essential job functions of McKinsey colleagues.
Industries
  • High Tech
Capabilities
  • Technology
Apply Now Apply Later

FOR U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by applicable law.

FOR NON-U.S. APPLICANTS: McKinsey & Company is an Equal Opportunity employer. For additional details regarding our global EEO policy and diversity initiatives, please visit our McKinsey Careers and Diversity & Inclusion sites.

Job Skill Group - N/A
Job Skill Code - SCM - Security Manager I
Function - Technology
Industry - High Tech
Post to LinkedIn - Yes
Posted to LinkedIn Date - Wed Mar 19 00:00:00 GMT 2025
LinkedIn Posting City - Shanghai
LinkedIn Posting State/Province -
LinkedIn Posting Country - China
LinkedIn Job Title - Cyber Security Manager
LinkedIn Function - Consulting;Engineering;Information Technology
LinkedIn Industry - Computer Hardware;Computer Networking;Computer Software
LinkedIn Seniority Level - Mid-Senior level