大手会計ファームグループ内シェアードサービス企業でのRisk Management Information Security＜Assistant Director＞の求人

Risk Management Information Security (“RM-IS”) for Our Consulting cover a variety of information security matters for the we working closely with Japan Region Risk Management Information Security Lead.

The RM-IS is responsible for helping the our business improve its information security posture with respect to delivering on commitments to their clients, as well as reducing risk both inside clients and throughout the entity. The RM-IS for we also responsible for developing, implementing and monitoring a strategic, comprehensive information security program for us. Areas covered under RM-IS for our include data privacy especially Personal Information and cybersecurity. The RM-IS for we will interact closely with various functions (e.g., Legal, Quality, Finance, IT, HR, Marketing and Communications, etc.) and the business to understand their requirements in order to solve their information security risks and implement necessary policies and measures.

This position reports to the our Risk Management Information Security Lead.

The role includes the following activities, however is not limited but is not limited there to:

1.Develops information security strategy, awareness programs, architecture, and information security incident response
2.Drive consistent adoption of Information Security Policy and Standards across Our Consulting
3.Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions to drive consistency
4.Provide regular, timely reporting on information security initiative status across supported business units
5.Provides strategic risk guidance for IT projects, including evaluation and recommendation of technical controls
6.Educates IT and other functions on appropriate information security risk and mitigation strategies
7.Provides the direction for Our Consulting’s data privacy protection
8.Evaluates new cybersecurity threats and IT trends and develops effective information security controls. Oversees development of information security awareness programs
9.Develops and oversees effective disaster recovery policies and standards to align with company business continuity management program goals. Coordinates development ofimplementation plans and procedures to ensure business critical services are recovered
10.Evaluates potential security breaches, coordinates response, and recommend corrective actions
11.Define and report on information security metrics
12.Provides project management and leadership to staff and external resources in support of established goals and objectives, improved efficiencies, and problem resolution
13.Maintains current knowledge of industry and regulatory trends and developments for the enterprise technology

Because the information security risk landscape is constantly changing, the person will be required to be adaptable to changing needs and be flexible in prioritizing tasks

●Requirements
・10+ years’ experience in Information Security with demonstrable accomplishments in the Information Security area or similar experience
・Knowledge of the industry and work experience in a Big 4 and/or consulting firms
・Project management skills, ability to multi-task
・Business acumen
・High level of interpersonal and communication skills
・Flexibility and ability to work in a fast-moving work environment
・Professional workstyle
・English skill of business level (comfortable corresponding in emails, participating in conference calls)
・Documentation and report-writing skills

●Even better if he/she has competencies, skill and experiences as below
・Knowledge or experience of information security risks
・Knowledge or experience of Personal Information

●Other essentials
・Language skill: Fluent Japanese and Advanced English skills
・Academic Background: Bachelor’s degree and above