ログイン
大手証券会社でのSenior Penetration Testerの求人
求人ID:1296242
募集終了
転職求人情報
職種
Senior Penetration Tester
ポジション
Senior Associate
おすすめ年齢
20代
30代
40代
50代以上
年収イメージ
応相談(経験・能力を考慮の上当社規定により決定)
仕事内容
Our Company is an Asia-based financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Our services the needs of individuals, institutions, corporates and governments through its three business divisions: Retail, Asset Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leaders.
Our employs a robust IT Security department, members of which are located in all of its major regions, namely EMEA, Americas, India, Asia Excluding Japan (AeJ) and Japan. This team is responsible for designing, implementing and maintaining Our IT Security Policy and strategy within the Japan region.
Under the direction of the global Security Test team, the candidate will need to coordinate and run penetration tests of Our assets in Japan to ensure the reduction of technical risk, being able to pro-actively identify weaknesses and shortcomings in Our security posture and recommend necessary controls and procedures to protect and detect adversarial threats.
The role will not only involve conducting tests from initial scoping to the management of findings remediation, but will oversee security tests run by external vendors in this region and involve the mentoring of junior team members.
●Experience
The candidate will need to have experience and knowledge of:
・Conducting infrastructure and web application penetration tests and security assessments as part of red, blue and purple team business as usual and bespoke projects
・Pre-test scoping activities and post-test management including follow up of findings remediation
・Subject matter expertise in web, mobile or network penetration testing with track record of end to end testing of complex systems
・Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls.
・Excellent understanding of cyber security risks and controls.
・Ability to effectively communicate with internal stakeholders and third party vendors, to ensure security engagements run smoothly and to others’ expectations.
・Excellent report writing skills with the ability to explain technical findings to a non-technical audience, with the ability to articulate actual business risk.
Our employs a robust IT Security department, members of which are located in all of its major regions, namely EMEA, Americas, India, Asia Excluding Japan (AeJ) and Japan. This team is responsible for designing, implementing and maintaining Our IT Security Policy and strategy within the Japan region.
Under the direction of the global Security Test team, the candidate will need to coordinate and run penetration tests of Our assets in Japan to ensure the reduction of technical risk, being able to pro-actively identify weaknesses and shortcomings in Our security posture and recommend necessary controls and procedures to protect and detect adversarial threats.
The role will not only involve conducting tests from initial scoping to the management of findings remediation, but will oversee security tests run by external vendors in this region and involve the mentoring of junior team members.
●Experience
The candidate will need to have experience and knowledge of:
・Conducting infrastructure and web application penetration tests and security assessments as part of red, blue and purple team business as usual and bespoke projects
・Pre-test scoping activities and post-test management including follow up of findings remediation
・Subject matter expertise in web, mobile or network penetration testing with track record of end to end testing of complex systems
・Pro-actively research and Identify network and system vulnerabilities and provide recommended counter measures or mitigating controls.
・Excellent understanding of cyber security risks and controls.
・Ability to effectively communicate with internal stakeholders and third party vendors, to ensure security engagements run smoothly and to others’ expectations.
・Excellent report writing skills with the ability to explain technical findings to a non-technical audience, with the ability to articulate actual business risk.
必要スキル
●Mandatory
・Bilingual Japanese / English language capabilities. Native Japanese is ideal, but must have at least N1 JLPT Japanese language skills. TOEIC level should ideally be over 800.
・At least 5 or more years of IT security testing experience
・Strong communication skills
・Good team player, ability to work on a local, regional and global basis and as part of joint cross-location teams and cross-functional teams.
・Ability to be pro-active and self-manage tasks through to completion.
●Preferred
・Any security certifications, such as: CISSP, CISM, CISA, Security+, CEH, CCSK, or similar industry recognized certifications.
・Bilingual Japanese / English language capabilities. Native Japanese is ideal, but must have at least N1 JLPT Japanese language skills. TOEIC level should ideally be over 800.
・At least 5 or more years of IT security testing experience
・Strong communication skills
・Good team player, ability to work on a local, regional and global basis and as part of joint cross-location teams and cross-functional teams.
・Ability to be pro-active and self-manage tasks through to completion.
●Preferred
・Any security certifications, such as: CISSP, CISM, CISA, Security+, CEH, CCSK, or similar industry recognized certifications.
就業場所
就業形態
正社員
企業名
大手証券会社
企業概要
国内大手証券会社
企業PR
日本をベースとしたグローバル金融機関。インベストメント・バンキング、グローバル・マーケッツ、アセット・マネジメント、リテールビジネス等を行っています。