外資系生命保険会社でのApplication Security and Identity Access Management Coordinatorの求人
求人ID:1295703
募集継続中
転職求人情報
職種
Application Security
ポジション
担当者〜
年収イメージ
応相談(経験・能力を考慮の上当社規定により決定)
仕事内容
【Position Summary】
This position as Application Security Engineer’s purpose is to:
1. Implement a segregation of duties within security where the Security & Governance CoE is accountable, and the AppSecEng Chapter is co-responsible of execution with the squad members
2. Control what is asked of our squads and ensure proper goals and exit criteria are defined, then define the how (process) to execute the activity efficiently with the squads while meeting the what expected by the CoE
3. Work closer to the squads to educate and support them more effectively with an AppSecEng allocated to each squad
4. Improve efficiency and awareness of the squads regarding security matters (educators rather than security cops)
The Application Security Engineer goal is to support the different teams implement a complete, efficient and painless Security standards while guaranteeing the highest possible Security level to the company and its customers. The role involves the definition of the processes (the how) and their execution support by the teams: the right candidate will support the team, teach them with the goal to not be needed anymore for that activity and let the team be self-sufficient. Continuous improvement of the processes is expected, to make things simpler, faster, painless.
Also, We aims at improving its Identity management by ensuring procedures exists for all applications onboarding/offboarding of users, but also streamlining the process through standardized applications (SailPoint, AD). The IAM coordinator will drive the activity from the Application Engineering side, supporting and ensuring that all our apps use the new system by end of 2024.
【Key Accountabilities】
◎ Security
・ Build and manage multi-disciplined engineering teams and oversee the development processes using industry best practices within us.
・ Educate squads on Security matters (it’s an educator role, not a security cop role)
・ Control that what is asked from squads is well defined (what: scope, when: achievable timeline, how: process, closure condition: exit criteria)
・ Defend the squad produced documents during spot checks
・ Not do the security work instead of the squads but ensure that it’s done, done right, done on time and understood by squads.
・ Strive to make oneself and one’s team expendable by raising Security awareness within every squad
・ Continuous improvement of the Security process, to make them more seamless, failsafe, faster and easier to grasp for everyone
・ Strive to continuously improve the Security level of our applications
・ Manage multiple tasks and responsibilities in high-pressure environments; excelling at pinpointing and resolving problems in early project stages to avoid cost/time expenses
・ Build upon the existing implementation of our NWOW, maturing SDLC methodologies and practices across the organization
・ Work closely with squads, POs, and stakeholders to ensure delivery of product
This position as Application Security Engineer’s purpose is to:
1. Implement a segregation of duties within security where the Security & Governance CoE is accountable, and the AppSecEng Chapter is co-responsible of execution with the squad members
2. Control what is asked of our squads and ensure proper goals and exit criteria are defined, then define the how (process) to execute the activity efficiently with the squads while meeting the what expected by the CoE
3. Work closer to the squads to educate and support them more effectively with an AppSecEng allocated to each squad
4. Improve efficiency and awareness of the squads regarding security matters (educators rather than security cops)
The Application Security Engineer goal is to support the different teams implement a complete, efficient and painless Security standards while guaranteeing the highest possible Security level to the company and its customers. The role involves the definition of the processes (the how) and their execution support by the teams: the right candidate will support the team, teach them with the goal to not be needed anymore for that activity and let the team be self-sufficient. Continuous improvement of the processes is expected, to make things simpler, faster, painless.
Also, We aims at improving its Identity management by ensuring procedures exists for all applications onboarding/offboarding of users, but also streamlining the process through standardized applications (SailPoint, AD). The IAM coordinator will drive the activity from the Application Engineering side, supporting and ensuring that all our apps use the new system by end of 2024.
【Key Accountabilities】
◎ Security
・ Build and manage multi-disciplined engineering teams and oversee the development processes using industry best practices within us.
・ Educate squads on Security matters (it’s an educator role, not a security cop role)
・ Control that what is asked from squads is well defined (what: scope, when: achievable timeline, how: process, closure condition: exit criteria)
・ Defend the squad produced documents during spot checks
・ Not do the security work instead of the squads but ensure that it’s done, done right, done on time and understood by squads.
・ Strive to make oneself and one’s team expendable by raising Security awareness within every squad
・ Continuous improvement of the Security process, to make them more seamless, failsafe, faster and easier to grasp for everyone
・ Strive to continuously improve the Security level of our applications
・ Manage multiple tasks and responsibilities in high-pressure environments; excelling at pinpointing and resolving problems in early project stages to avoid cost/time expenses
・ Build upon the existing implementation of our NWOW, maturing SDLC methodologies and practices across the organization
・ Work closely with squads, POs, and stakeholders to ensure delivery of product
必要スキル
【Skills, Knowledge, Experience】
・ At least 5 years of experience in the IT Information Security, IT Audit or Information Risk Management function
・ Possession of an industry security certification similar or comparable to (CompTIA Security+, CISSP)
・ Technical IT knowledge, especially in network architecture/security. Implementation level knowledge for solutions like Splunk, Tenable or similar
・ Cloud Security knowledge (Microsoft Azure preferred)
・ Specialized, deep knowledge of security and compliance policies and procedures: why and how
・ Efficient process creation and execution
・ Basics of Agile
・ Extensive experience supporting Security for an IT company
・ Ability to understand functional interdependencies and identify and resolve structural issues within the organization
・ Business level English and Japanese
【Personal Attributes】
・ Energetic and positive in attitude; can do mentality to all task; dynamic and flexible
・ Ability to challenge, with high levels of ownership, organizational skills and attention to detail
・ Strong learning agility
・ Ability to deal with conflicting situations
・ Ability to work independently in a timely manner
・ Exceptional communication skills and the ability to communicate appropriately with supporting functions and other engineers
・ Strong relationship building and interpersonal skills with the ability to work with stakeholders on security, architecture, compliance and other engineering teams
・ Handles well in high stress situations and tight timelines
・ At least 5 years of experience in the IT Information Security, IT Audit or Information Risk Management function
・ Possession of an industry security certification similar or comparable to (CompTIA Security+, CISSP)
・ Technical IT knowledge, especially in network architecture/security. Implementation level knowledge for solutions like Splunk, Tenable or similar
・ Cloud Security knowledge (Microsoft Azure preferred)
・ Specialized, deep knowledge of security and compliance policies and procedures: why and how
・ Efficient process creation and execution
・ Basics of Agile
・ Extensive experience supporting Security for an IT company
・ Ability to understand functional interdependencies and identify and resolve structural issues within the organization
・ Business level English and Japanese
【Personal Attributes】
・ Energetic and positive in attitude; can do mentality to all task; dynamic and flexible
・ Ability to challenge, with high levels of ownership, organizational skills and attention to detail
・ Strong learning agility
・ Ability to deal with conflicting situations
・ Ability to work independently in a timely manner
・ Exceptional communication skills and the ability to communicate appropriately with supporting functions and other engineers
・ Strong relationship building and interpersonal skills with the ability to work with stakeholders on security, architecture, compliance and other engineering teams
・ Handles well in high stress situations and tight timelines
就業場所
就業形態
正社員
企業名
外資系生命保険会社
企業概要
外資系生命保険会社
企業PR
企業向け保険に強みを持つ外資系生命保険会社。日本での営業も長く、充実した営業基盤を有する。
業務カテゴリ
組織カテゴリ
備考
関連キーワード
応募ありがとうございました。コンサルタントからご連絡します
応募出来ませんでした。恐れ入りますがもう一度やり直してください
気になるに登録しました
気になるに登録出来ませんでした。恐れ入りますがもう一度やり直してください
この求人と似た求人情報
- 大手証券会社でのIT Security Vulnerability Management Coordinator/~1000万円/東京都
- 大手証券会社でのSenior Cloud Security Architect/~1200万円/東京都
- 外資系生命保険会社でのChapter Lead(Application Security/ Business Information Security Div.)/~800万円/東京都
- 外資系生命保険会社でのIT Security Engineer/~800万円/東京都
- 外資系大手生命保険のIT, Information Security Group, Cyber Security Specialist/~800万円/東京都
アプリエンジニアの求人情報
日系金融機関の求人情報
生命保険の求人情報
転職体験記
- これまでの経験を活かして、ECサイト、決済サービス運営ベンチャー企業へ(50代/男性/専門学校卒)
- キャリアアップを希望、テクノロジーとコンサルティング双方を持つITコンサルティング企業へ(30代/男性/専門学校卒)
- 証券会社から有名メガベンチャー資本の急成長フィンテック企業へ(40代/男性/私立大学卒)
- 予てから希望していたIT業界へ(30代/男性/県立高校卒)
- 地方での転職、ソフトウェアの品質保証、テストサービスを主力事業とするIT企業へ(40代/男性/私立大学卒)
- 幅広い経験を活かして、日本を代表する電機・通信機器メーカーへ(30代/男性/私立大学卒)
- ソフトウェアの品質保証、テストサービスを主力事業とするIT企業へ(40代/男性/私立大学卒)
- 信頼できるコンサルタントからの案件を丁寧に活動、日本を代表する電機・通信機器メーカーへ(50代/男性/私立大学卒)
- スキルアップを目指し、クラウド黎明期から市場を牽引し続けるベンチャー企業へ(30代/男性/国立大学卒)
- IT領域での経験を活かして、大手日系生命保険会社へ(30代/男性/国立大学院卒)