IT Third Party Risk Management Senior Analyst

Job Type
7,000,000 JPY - 11,000,000 JPY per year + Bonus + Overtime + Health Insurance + Benefits + Holidays + Flexible Hours
Japanese Level
Advanced (JLPT Level 1)
English Level
High Intermediate (TOEIC 730)
Start Date



One of our Fortune500, Global Insurance Client is looking for a IT Third-Party Risk Management Senior Analyst based in Tokyo and remotely work with offshore offices.

- You will be expected to play a critical role as IT Third-Party Risk Management Senior Analyst to assess the information security risk and control of the third parties.

- Expect to provide hands-on work for the daily activities and propose solutions to the improvement initiatives.

- Immediate focus areas will be information security risk assessments and inspection for the third parties handling our company’s customer’s personal information and company secret.

- Expect to promote our IT Risk & Security programs by working closely in the IT organization and with other control functions as well as related businesses.

If you have the right skillset, you are encouraged to apply for this role.



- Ensure our IT Third-Party Risk Management which includes information security risk assessment and inspection for the third parties to protect our company’s customer’s personal information and company secret from leakage.

- Also, follow-up the progress of the third party’s risk remediation plans.

- Expect to be a subject matter expert in one or more of the following key areas: information security, application security, infra & network security, cybersecurity, IT risk assessment, IT audit, personal information protection, security incident response.

- Communicate with the person in charge of the outsourcer department and the person in charge of the procurement department to proceed smoothly the assessment and inspection for the third parties.

- Execute incident response process for the company by closely working with any related teams at the time of company secret leakage.

- Respond to the regulatory changes or industry wide trends relating to personal information protection and analyze for implications or measures to be taken as necessary







- お客様の個人情報や企業秘密の漏洩を防ぐために、第三者に対する情報セキュリティリスク評価・検査を含むIT第三者リスク管理を徹底する

- サードパーティのリスク是正計画の進捗状況のフォロー

- 情報セキュリティ、アプリケーションセキュリティ、インフラ・ネットワークセキュリティ、サイバーセキュリティ、ITリスクアセスメント、IT監査、個人情報保護、セキュリティインシデント対応など、1つ以上の主要分野におけるサブジェクト・マター・エキスパートとなること

- アウトソーサー部門の担当者および調達部門の担当者とコミュニケーションをとり、第三者に対する評価・検査を円滑に進める

- 企業秘密の漏洩時には、関係各所と連携し、企業のインシデント対応を行う

- 個人情報保護に関する規制の変更や業界全体の動向に対応し、必要に応じて影響や対策を分析する



【会社概要 | Company Details】
Global insurance company with over 40 years of experience in Japan with strengths in various sales channels and product lineup. The company focuses on creating diverse environments including but not limited to promoting the appointment of women.

【就業時間 | Working Hours】
9:00 - 18:00(Mon - Fri) [Work from home till Covid-19]

【休日休暇 | Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays

【待遇・福利厚生 | Services / Benefits】

各種社会保険完備(厚生年金保険、健康保険、労災保険、雇用保険)、 屋内原則禁煙(屋外に喫煙所あり)、 通勤交通費支給等

Social insurance, Transportation Fee, No smoking indoors allowed (Designated smoking area), etc.


Required Skills

- Experience in IT Risk & Security or IT Audit-related field.

- Ability to prepare accurate reports for all levels of staff in appropriate clear language and provide an oral presentation.

- Willing to learn new IT technologies and achieve goals in IT Risk & Security.

- Interest in broader risk management areas such as IT security, IT risk governance and emerging tech risk management.

- Familiar with regulatory/industry standards (NIST CSF, PCI DSS, FISC)


- ITリスク&セキュリティまたはIT監査関連分野での実務経験

- すべてのレベルのスタッフを対象に、適切な言葉で正確なレポートを作成し、口頭でプレゼンテーションを行うことができること

- 新しいIT技術を学び、ITリスク&セキュリティにおける目標を達成する意欲があること

- ITセキュリティ、ITリスクガバナンス、新興技術のリスク管理など、より広範なリスク管理分野に関心があること

- 規制/業界標準(NIST CSF、PCI DSS、FISC)に精通していること