IT Risk Management Analyst

Job Type
6,000,000 JPY - 9,000,000 JPY per year + Bonus + Overtime + Health Insurance + Benefits + Holidays + Flexible Hours
Japanese Level
Advanced (JLPT Level 1)
English Level
High Intermediate (TOEIC 730)
Start Date


One of our Fortune 500 global insurance clients is looking for an IT Risk Management Analyst based in Tokyo.

- You will be expected to play a critical role as an IT Risk Management Analyst, protecting the confidentiality, integrity, and availability of the company’s and customers’ information.

- Expect to do hands-on work in daily activities and to propose solutions for improvement initiatives.

- Expect to promote our IT Risk & Security programs by working closely within the IT organization and with other control functions and related businesses.

If you have the right skillset, you are encouraged to apply for this role.



- Conduct IT auditee tasks on IT General Control (ITGC) for US-GAAP (SOX) and J-GAAP external IT audits for Japan in a timely manner (i.e. collect and review relevant documents and evidence to be submitted for external audits, organize crucial meetings and interview sessions with external auditors, handle inquiries from users and external auditors, support IT groups and teams with finding remediation and inquiries on SOX compliance, etc.)

- Conduct and support IT risk finding management (i.e. promoting and supporting the registration of IT risk findings, monitoring remediation progress of IT risk findings, preparing and maintaining relevant metrics and reports for stakeholders, etc.)

- Conduct global IT technical assessments for Japan based upon the global instructions

- Conduct and support various efforts and IT-related activities for sustaining PCI DSS compliance, including control enhancements based upon upgrades to the standard

- Conduct and support the maintenance of policies, procedures, and manuals related to IT Risk & Security areas

- Communicate and liaise proactively with local and global counterparts to execute activities related to IT Risk and Governance areas, including the themes above.

- Expect to be familiar with one or more of the following key security domains: Security & Risk Management, Asset Security, Security Architecture & Engineering, Communications & Network Security, Identity & Access Management, Security Assessment & Testing, Security Operations, Software Development Security.

- Respond to regulatory changes or industry-wide trends relating to IT Risk & Security and analyze their implications or the measures to be taken as necessary.








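- Carry out, in a timely manner, IT auditee tasks for external IT audits in Japan covering IT General Controls (ITGC) under US-GAAP (SOX) and J-GAAP

- Conduct and support IT risk finding management

- Conduct global IT technical assessments for Japan based on global instructions

- Conduct and support various efforts and IT-related activities to maintain PCI DSS compliance

- Conduct and support the maintenance of policies, procedures, and manuals related to IT risk and security areas

- Communicate and coordinate proactively with local and global counterparts to carry out tasks related to IT risk and governance areas

- Respond to regulatory changes and industry-wide trends related to IT risk and security, and analyze implications and countermeasures as necessary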


【Company Details】
Global insurance company with over 40 years of experience in Japan with strengths in various sales channels and product lineup. The company focuses on creating diverse environments including but not limited to promoting the appointment of women.

【Working Hours】
9:00 - 18:00 (Mon - Fri) [Work from home till Covid-19]

【Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays

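【Services / Benefits】

Full social insurance coverage (employees' pension insurance, health insurance, workers' accident compensation insurance, employment insurance), no smoking indoors in principle (designated outdoor smoking area available), commuting transportation expenses paid, etc.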

Required Skills

- Experience in IT Risk & Security related field.

- We are looking for someone with any of the following skills who is determined to build a career at a global company:

- Experience as an IT auditee handling US-GAAP IT audits and/or J-GAAP IT audits, or

- Experience in IT risk finding management, or

- Experience in IT risk assessment and/or IT technical assessment, or

- Experience and/or knowledge concerning PCI DSS compliance

- Ability to prepare accurate reports for all levels of staff in appropriately clear language and to give oral presentations.

- Familiar with regulatory/industry standards (NIST CSF, PCI DSS, FISC)


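- Practical experience in an IT risk and security related field

- Someone with any of the following skills who is motivated to build a career at a global company:

- Experience handling US-GAAP IT audits or J-GAAP IT audits as an IT auditor

- Experience in IT risk finding management

- Experience in IT risk assessment or IT technical assessment

- Experience and knowledge concerning PCI DSS compliance

- Able to prepare accurate reports in appropriate, clear language for staff at all levels and to give oral presentations

- Familiar with regulatory and industry standards (NIST CSF, PCI DSS, FISC)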