Leading Japanese IT service company, security and safety of the Internet services of our group are guaranteed by the Cyber Security Defense Department (CSDD), the core of their-CERT. CSDD covers all aspects of the System Development Life Cycle (SDLC) and operation security for all the services developed inside the Group.
Due to the increase demand of the work and the scope expansion, we are looking for a Security Architect with true security mindset and technical depth that will serve as a key member of our security team.
As Security Architect, you will be expected as an experienced professional in information security and IT risk assessment, with a strong understanding and hands-on experiences of security protocols, authentication, and security best practices in development lifecycle. You will also be expected to possess strong interpersonal and communication skills, and be able to work with a diverse group of people.
- Perform system requirements and design review on systems inside their ecosystem.
- Collaborate with developers, system/network administrators, and other stakeholders to ensure secure design, development, and implementation of applications and networks.
- Create and/or update security related guidelines, technical security standard, security policies and regulations for their group.
- Take part in the security training and awareness activities by cultivating a sense of security awareness, and arranging for continuous education.
- Inspire innovation and deliver quality at speed across platform and execute these to success through diligent planning, attention to detail, effective delegation, efficient decision making, and individual/team accountability.
【会社概要 | Company Details】
Our client is a large global Internet service company that has enjoyed sustained growth as they continue to expand their business in various new areas and industries. This is a great opportunity to work in a diverse and international environment in Japan. Our client actively strives to be an equal opportunity employer, and they have many female and foreign nationals in upper management positions. Their brand has also gained global recognition as they sponsor some of the world's most famous sports teams. Our client prides themselves in providing a comfortable working environment for their employees. Engineers are welcome to choose their own setup (Windows/Mac, etc.); whatever makes them comfortable! Free meals are also provided at the company cafeteria. Their chefs work to create exciting new menus and dishes, so employees never get tired of the food!
【就業時間 | Working Hours】
9:00 - 17:30（Mon - Fri）
【休日休暇 | Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays
【待遇・福利厚生 | Services / Benefits】
各種社会保険完備（厚生年金保険、健康保険、労災保険、雇用保険）、 屋内原則禁煙（屋外に喫煙所あり）、 通勤交通費支給等
Social insurance, Transportation Fee, No smoking indoors allowed (Designated smoking area), etc.
- Experience in information security field.
- Understanding of the core concepts of network, web/mobile application, network/web application protocols and its security issues.
- Basic understanding of the security architecture framework, threat modeling, security pattern and security best practices in SDLC.
- Excellent consultation, problem-solving, communication, and interpersonal skills to help build trust and consensus.
- Strong team work capability in a diverse team environment.
- Past work as a consultant at a highly technical information security consultancy is a plus.
- Advanced IT security certifications (with good standing) e.g CISA, CISSP may be advantageous.
- Experience overseeing remediation of vulnerabilities, defining security requirements and a proven track record of working with infrastructure and development teams to build secure solutions.
- Experience in Web/Mobile application development and major web frameworks.
- Experience in Web/Mobile Penetration Testing and/or Vulnerability Assessment.
- Experience with major commercial cloud environment and/or working with container technologies
- Experience in working with SIEM and/or participated in Incident Response projects