Share this job
Information Security Officer - 1438660
JPN
Apply for this job

KEY QUALIFICATIONS

■ Essential Requirements for this position (1): Expertise and Work Experience

Having experience in 2-3 of the following:

  • Information security operations in a business company (technical security review, security testing, governance based on ISO 27000, etc.)
  • Experience in building and operating public cloud environments (especially AWS) with regard to access control such as authentication and authorization.
  • Experience in building IT infrastructure (servers, networks, etc.) or web application development.
  • Experience in IT auditing.
  • System architecture design experience as an IT architect.
  • Project management experience such as project promotion, budget and schedule management.

■ Essential Requirements for this position (2): Behavior and Competencies

  • Ability to communicate and negotiate with multiple stakeholders (IT members, business departments, executives, etc.).
  • Ability to manage project budgets, schedules, risks, and other aspects as a project manager.
  • Ability to proactively think and act to solve problems/issues that may arise.

■ Essential Requirements for this position (3): Qualifications and Education

It is desirable to hold one of the following qualifications:

  • CISSP
  • CISA
  • AWS-related qualifications

■ Essential Requirements for this position (4): Language Skills

  • Fluent in Japanese (required)
  • Business level English (not required at the time of joining the company, but must have a willingness to learn after joining)

RESPONSIBILITIES

As a member of the Technical Security Assurance Team, the goal is to strengthen the security of the IT environment at THE FIRM and solve security issues in the business department.

[IT Project Security Review]

  • Review of IT architecture from a security perspective for various IT projects.
  • Technical review from the perspective of data protection such as encryption and data labeling, access control such as authentication and authorization between servers and users, and web application security.
  • Checking the fulfillment of security checklist (governance focus)

[Security Advisory Services]

  • BAU advisory services.
  • Responding to various security-related inquiries from IT members and business departments.
  • Vendor security review when signing SaaS contracts.
  • Application security test management and penetration test project management.
  • Process management of SAST/DAST/IAST.

[Application Security Test Management]

  • Penetration test project management.
  • Process management of SAST/DAST/IAST.


[IT Audit Support]

  • Support for various audits (internal audits, external audits, THE FIRM's Group audits, etc.).
  • Submission of necessary evidence and explanation of content during the audit process.
  • Implementing improvements when audit findings occur.

EDUCATION

■ Essential Requirements for this position (3): Qualifications and Education

It is desirable to hold one of the following qualifications:

  • CISSP
  • CISA
  • AWS-related qualifications

■ Essential Requirements for this position (4): Language Skills

  • Fluent in Japanese (required)
  • Business level English (not required at the time of joining the company, but must have a willingness to learn after joining)

OTHER

You may also be responsible for security governance, awareness program management, project management led by the security department, and security risk assessment tasks, among others.




Apply for this job
Powered by