Business Information Security Manager (BISO)

Job Type
Japanese Level
English Level
Advanced (TOEIC 860)
Start Date





- ジュニアセキュリティチームメンバーの指導とサポート

- ビジネスユニット全体で情報セキュリティポリシーと標準の一貫した採用の促進

- コンプライアンス違反が適切に可視化されているかどうかをエグゼクティブリーダーへの報告、発見事項の修正

- 情報セキュリティの欠陥や改善の特定、ソリューションの企画、提供、促進

- グローバルセキュリティ全般の担当

- ビジネスユニット全体の情報セキュリティイニシアチブの状況の定期的な報告

- ISO270001、PCIなどの情報セキュリティレビューの実施、セキュリティガバナンスのコンプライアンス評価の準備

- ビジネスセキュリティの改善、セキュリティポリシーとコントロールの指守などのコンサルティング

- 新規アカウント、サービス、第三者、顧客関係などのセキュリティ管理

- 必要に応じて、ビジネスユニットやクライアントとのミーティングへの参加、発表



A major business service company is seeking a Business Information Security Officer (BISO) to join the Global Security team reporting to the Sr. Director – Insider Risk & Compliance team.


The Business Information Security Officer (BISO), leads the Global Security team. The BISO is responsible for helping the business improve its information security posture with respect to delivering on commitments to our clients, as well as reducing risk both inside client accounts and throughout the country. The BISO works closely with the business and clients to drive findings to remediation. This is achieved by understanding the key assets and processes, identifying the risks and controls, evaluating the residual risk and suggesting incremental controls, as and where appropriate. The BISO performs Global Security Assessments (GSAs) - a holistic assessment (technology, HR, operations, finance, etc.) of risks being faced by delivery operation. The BISO engages with the business unit, acting in a consultative way to ensure security policies are being adhered to and incorporated into their processes and procedures, providing valuable guidance and assistance in solving real business problems. The BISO ensures Information Security risks are proactively managed and effectively controlled, mitigated and/or remediated with relevant stakeholders both internal and external. 



- Mentor and support junior security team members

- Drive consistent adoption of Information Security Policy and Standards across business unit(s)

- Ensure that appropriate visibility of non-compliance is raised to country executive leadership and partner with the business to remediate findings

- Proactively identify information security deficiencies or opportunities for improvement and facilitate development of pragmatic solutions to drive consistency country-wide

- Serve as a trusted business executive focal for all things Global Security (excluding physical security)

- Provide regular, timely reporting on information security initiative status across supported business units

- Perform information security reviews and security governance compliance assessment preparation for in scope standards such as: ISO270001, PCI, etc.

- Be “part of the business unit” team and act in a consultative way to help business improve its security posture and adhere to security policies and expected controls

- Ensure new accounts, services, third party or client relationship, etc. has appropriate security controls embedded and that the risks are appropriate addressed

- Participate as needed in business unit and client facing engagements and present as needed



【会社概要 | Company Details】
Our Client is a global business services firm that transforms the customer experience, and streamlines front and back office and industry-specific processes to provide the highest value from every customer interaction. A Top 10 Services Provider, it partners with its clients to deliver end-to-end customer engagement services, technology innovations, analytics, process optimization, and business improvements.

【就業時間 | Working Hours】
9:00‐ 18:00(Mon‐ Fri)

【休日休暇 | Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays

【待遇・福利厚生 | Services / Benefits】

各種社会保険完備(厚生年金保険、健康保険、労災保険、雇用保険)、 屋内原則禁煙(屋外に喫煙所あり)、 通勤交通費支給等

Social insurance, Transportation Fee, No smoking indoors allowed (Designated smoking area), etc.


Required Skills

- 情報セキュリティの経験

- CISA、CISM、又はCISSPの資格(又は、最初の12か月以内に取得意思のある方)

- ピープルマネージメントスキル

- 技術的・セキュリティ上の問題をビジネスユーザーに伝える能力、優れたコミュニケーション能力、プレゼンテーションスキル

- 上級管理職とのコミュニケーション能力

- 自立してバーチャルチームをリードする能力、優れたリーダーシップスキル

- セキュリティスキルを使用して、ビジネスユニット全体でリスク削減イニシアチブの実施、促進した経験

- ネットワークと技術的なセキュリティコントロールの知識


- Experience in Information Security with demonstrable accomplishments in the Information Security area or similar experience

- Certified or willing to become certified (within the first 12 months): CISA, CISM or CISSP

- Strong people management skills

- Excellent communication/presentation skills including the ability to translate technical/security issues to business users

- Impeccable attention to detail and self-accountability

- Ability to communicate to and influence senior management

- Excellent Leadership skills with ability to independently lead virtual teams to deliver results • Process driven and an eye for detail

- Demonstrable experience of driving operational implementation of risk reduction initiatives, across business units, using influencing and security skills

- Solid background of key network and technical security controls