外資系生命保険会社でのInformation Security & Risk Manager or Sr.Managerの求人
求人ID:143560
募集終了
転職求人情報
職種
Information Security & Risk
ポジション
Manager or Sr.Manager
おすすめ年齢
20代
30代
40代
50代以上
年収イメージ
応相談(経験・能力を考慮の上当社規定により決定)
仕事内容
<General Accountability>
This role will lead the information risk management team in Japan to ensure information risk is always considered and managed through the execution of different information risk management processes. The incumbent will join a vibrant and global information risk management practice and team that works hard to enable and facilitate business while protecting our people and key information assets. The Information Security & Risk Management team pulls together a number of specialties forging strong ties between:
Identity & Access Management
Risk & Control Assessments
Application Security Management
<Key Responsibilities>
The incumbent will oversee the holistic execution of Information Security & Risk Management function within Japan to drive the implementation of IRM program objectives and execute the practices & controls for Japan. By leading the country Information Security & Risk Management team, this role plays an essential part to ensure that information risk processes are properly executed. The role is also responsible for identity & access management together with application security management, in alignment with the mandates and objectives from Asia Segment and Global IRM.
The incumbent will collaborate and liaise with Asia Segment IRM stakeholders, regional and in-market IS and application development teams, as well as Enterprise Technology Services. This role works to ensure information risk management is included and embedded in key processes not limited to Software Development Life Cycles, but includes infrastructure, as well as vendor controls. The incumbent also works closely with senior management for tracking and reporting functions, ensuring timely responses to queries
●Overall Accountabilities
・Influence behavior to reduce risk and foster a strong technology risk our management culture throughout the enterprise
・Collaborate with other IRM teams and professionals including the Chief Information Risk Officer, the Asia Regional Information Risk Officer, Audit Services, Procurement Office, and peer Technology Risk Management leads across our globally.
・Collaborate with Regional or Global IRM shared services security operation on procedure and process integration
・Contribute and shape divisional and global IRM projects and initiatives. Ensure division-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects and services.
●Identity & Access Management
・ Design the practice, process, leveraging tools and technology, to secure identity and access management, user identity lifecycle on boarding and off boarding, transfer and changes, logical access review, privilege account management, password and multifactor authentication enforcement, with global access control policies and related standards
・Define user identity and privilege account, on boarding provisioning, off boarding de-provisioning, transfer and changes approach and procedure
This role will lead the information risk management team in Japan to ensure information risk is always considered and managed through the execution of different information risk management processes. The incumbent will join a vibrant and global information risk management practice and team that works hard to enable and facilitate business while protecting our people and key information assets. The Information Security & Risk Management team pulls together a number of specialties forging strong ties between:
Identity & Access Management
Risk & Control Assessments
Application Security Management
<Key Responsibilities>
The incumbent will oversee the holistic execution of Information Security & Risk Management function within Japan to drive the implementation of IRM program objectives and execute the practices & controls for Japan. By leading the country Information Security & Risk Management team, this role plays an essential part to ensure that information risk processes are properly executed. The role is also responsible for identity & access management together with application security management, in alignment with the mandates and objectives from Asia Segment and Global IRM.
The incumbent will collaborate and liaise with Asia Segment IRM stakeholders, regional and in-market IS and application development teams, as well as Enterprise Technology Services. This role works to ensure information risk management is included and embedded in key processes not limited to Software Development Life Cycles, but includes infrastructure, as well as vendor controls. The incumbent also works closely with senior management for tracking and reporting functions, ensuring timely responses to queries
●Overall Accountabilities
・Influence behavior to reduce risk and foster a strong technology risk our management culture throughout the enterprise
・Collaborate with other IRM teams and professionals including the Chief Information Risk Officer, the Asia Regional Information Risk Officer, Audit Services, Procurement Office, and peer Technology Risk Management leads across our globally.
・Collaborate with Regional or Global IRM shared services security operation on procedure and process integration
・Contribute and shape divisional and global IRM projects and initiatives. Ensure division-specific requirements and needs are accommodated whenever possible and practical in initiatives, projects and services.
●Identity & Access Management
・ Design the practice, process, leveraging tools and technology, to secure identity and access management, user identity lifecycle on boarding and off boarding, transfer and changes, logical access review, privilege account management, password and multifactor authentication enforcement, with global access control policies and related standards
・Define user identity and privilege account, on boarding provisioning, off boarding de-provisioning, transfer and changes approach and procedure
必要スキル
<Qualifications>
・University Degree (Computer Science, Business or Finance preferred).
・Ten years or more of progressive experience in one or more of the following disciplines: Information Technology/Systems, Information Risk Management,
Project Management, Audits, Information Security - ideally with experience in a large, complex organization
・Minimum 5 years of experience in direct people management
・Professional certifications or designations in security CISSP, CISA, or CRISC required
・Experience in a highly regulated environment, specific experience with FFIEC, OSFI, PCI-DSS, SOX preferred
・Expert knowledge of IT security and risk disciplines and practices
・Advanced knowledge of organization, technology controls, security and risk issues
・Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
・Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors
・ Experience with Key Risk Indicators and Technology Risk reporting preferred
<Competencies>
・Proven ability to lead and manage teams to achieve business and/or risk management objectives.
・Ability to work both independently and collaboratively, while managing multiple priorities within tight deadlines & work under pressure
・Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors
・Ability to successfully manage interaction with internal clients and work independently and within a team environment with professionalism and collaboration
・Strong interpersonal skills, including demonstrated ability to be sensitive and professional when communicating across geographical and cultural boundaries.
・Effective influencing and negotiation skills with the aptitude to achieve consensus in a federated environment.
・Ability to create and deliver meaningful presentations and insights back to key stakeholders throughout the business
・Possess excellent leadership, diplomatic and motivational skills to lead cross-functional teams and coach/advise peers and staff
・Excellent communication skills (oral and written) including presentation skills and demonstrated ability to present at all organizational levels.
・Innovative problem-solving skills with the proven ability to exercise flexibility and judgment can think and work creatively and find solutions to roadblocks
・Strong planning and organization skills with the ability to adapt to changes
・Japanese fluency, English is an advantage
・University Degree (Computer Science, Business or Finance preferred).
・Ten years or more of progressive experience in one or more of the following disciplines: Information Technology/Systems, Information Risk Management,
Project Management, Audits, Information Security - ideally with experience in a large, complex organization
・Minimum 5 years of experience in direct people management
・Professional certifications or designations in security CISSP, CISA, or CRISC required
・Experience in a highly regulated environment, specific experience with FFIEC, OSFI, PCI-DSS, SOX preferred
・Expert knowledge of IT security and risk disciplines and practices
・Advanced knowledge of organization, technology controls, security and risk issues
・Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
・Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors
・ Experience with Key Risk Indicators and Technology Risk reporting preferred
<Competencies>
・Proven ability to lead and manage teams to achieve business and/or risk management objectives.
・Ability to work both independently and collaboratively, while managing multiple priorities within tight deadlines & work under pressure
・Proven ability to build relationships, engage and influence others, work with a diverse internal and international user community, as well as vendors
・Ability to successfully manage interaction with internal clients and work independently and within a team environment with professionalism and collaboration
・Strong interpersonal skills, including demonstrated ability to be sensitive and professional when communicating across geographical and cultural boundaries.
・Effective influencing and negotiation skills with the aptitude to achieve consensus in a federated environment.
・Ability to create and deliver meaningful presentations and insights back to key stakeholders throughout the business
・Possess excellent leadership, diplomatic and motivational skills to lead cross-functional teams and coach/advise peers and staff
・Excellent communication skills (oral and written) including presentation skills and demonstrated ability to present at all organizational levels.
・Innovative problem-solving skills with the proven ability to exercise flexibility and judgment can think and work creatively and find solutions to roadblocks
・Strong planning and organization skills with the ability to adapt to changes
・Japanese fluency, English is an advantage
就業場所
就業形態
正社員
企業名
外資系生命保険会社
企業概要
北米を本拠地に世界約20カ国で拠点展開をする、世界トップクラスの生命保険会社。
企業PR
業務カテゴリ
組織カテゴリ
備考
情報セキュリティの求人情報
外資系金融機関の求人情報
外資系の求人情報
転職体験記
- 製造業に対する実行支援を得意とするエンジニアリング企業へ(50代/男性/私立大学卒)
- 金融機関のリスク管理部門にこだわって、グローバルバンクへ(30代/男性/国立大学院卒)
- 希望の職種を限定し、成長中のIT企業へ(50代/男性/国立大学院卒)
- これまでの経験を活かして、サイバーセキュリティ企業へ(50代/男性/私立大学卒)
- 希望する職種にこだわって、大手外資系金融機関へ(30代/男性/国立大学院卒)
- 希望のミドル部門、かつ希望以上の年収の条件で日系信託銀行に内定(30代/男性/国立大学卒)
- 国内系資産運用会社から、国内最大金融グループ系PEファンド運用会社へ(50代/男性/私立大学卒)
- これまでの業務経験を活かして、総合セキュリティサービス企業へ(30代/男性/大学校卒)
- 今までの実務キャリアを活かして、シリコンバレーに本社を置くベンチャーキャピタルへ(60代/女性/海外大学院卒)