ダイレクト系損害保険会社でのINFORMATION SECURITY SPECIALISTの求人

●Key Accountabilities
Security Education/Awareness
Planning and implementation of various security education and training programs
Translation of various security education programs, Reporting and coordination of various security education programs to Group Security, etc.

Security Project Management
Establish a security strategy for Japan in line with the Group’s security strategy and manage the security project portfolio.
Responsible for the day-to-day management of one or more complex project/programs in security domain. You may also manage project coordinator(s) and other members assisting with projects.
The role requires class-leading stakeholder engagement involving strong written and verbal communication skills, ability to empathize with and respond to internal customers’ needs, problem-solving skills and the ability to function effectively in a fast-moving, rapidly changing environment.
Collaboration with multi-location and cross-functional teams will be key to maintain and improve the project delivery.

Security Governance
Operate committees as part of security governance
Preparing and submitting quarterly reports to the group and explaining them to the management meeting of each company in Japan.
As SME, mainly responsible for the domain of security governance, security strategy and security education topics in ISMS assessment, with support from Assurance team
Budget management and planning for the next fiscal year for the security division

Risk Management
Implement and report to the Group companies in accordance with the ISO27K-like Group Risk Assessment Framework.
Compilation of security projects for risk reduction

Internal security guideline management
Review, update, and localize policies, procedures, and standards of the three our group companies, and collaborate with other departments.

Technical security verification
Desk review of technical security assurance
Support for assurance activities through penetration testing, development and implementation of corrective measures for issues raised

Others
Vendor management (security evaluation at the time of order placement, annual security evaluation, etc.)

●Requirements (1): Technical skills, Job experiences
【Mandatory】
3+ years of experience in Information Security
3+ years of experience in IT (e.g. infrastructure, development)
Experience in Project management
【Semi mandatory】
Experience in Security Awareness/Education Program
【Nice to have】
Knowledge in Information Security Governance, standards, and processes (Functional and Technical)
Knowledge in Industry Risk Management Standards, Security Architecture, Operational Security

●Requirements (2): Behavioral skills
Ability to understand company & departmental strategies, demonstrate leadership in assigned work
Able to multi-task in fast paced environment and gets through challenging situations.
Good analytical skills, team player and with attention to details
Proactive and responsible for each own attributed project or task and deliver it to completion with minimal supervision
Good communication skill within the team, across other teams and business users
Challenges the status quo and seeks continuous improvement of processes and system security
Challenges risk management on delivering new technology to improve company productivity

●Requirements (3): Certificate, Education background
Bachelor’s degree
CISSP, CISM (a plus)

●Requirements (4): Language skills
Japanese Native/Fluent level; English Business level