【外資系保険会社】情報セキュリティ専門家

勤務形態
正社員
給与
9,000,000 JPY - 14,000,000 JPY per year
日本語レベル
なし
英語レベル
ビジネスレベル(TOEIC 860)
開始日
ASAP
勤務地
東京

職務内容

Global insurance company is looking for an Information Security Expert who is responsible for leading Security Taskforce to deliver mature security controls. You will ensure Business Information Security to have an appropriate level of protection for its information assets, in keeping with Group Standards, Regulatory requirements and the particular risk profile.

【Key Accountabilities】
1. Deliver the company information risk countermeasure and associated improvement plan:
‐ Identify, flag or escalate the need for investment or change practices to mitigate critical risks and ensure legal, regulatory or commercial compliance
‐ Monitor and maintain system confidentiality, integrity and availability and support, coordinate information security incidents

2. Support Chief Information Security Officer:
‐ Support CISO to facilitate the company and subsidiaries’ Information Security strategy
‐ Serve as a security champion and as a security leader to senior management of the entities in the implementation and maintenance of information security

3. Analyze and develop Security Policy, Standard and Procedure based on Group Standard:
‐ Analyze Group Security Policy and standard every year
‐ Localize/draft Security Policy, Standard and Procedure.
‐ Analyze and develop Security Strategic Action Plan, with consideration of Group Security recommendations:

4. Analyze and develop Security Policy, Standard and Procedure based on Group Standard:
‐ Analyze Group Security Policy and standard every year
‐ Localize/draft Security Policy, Standard and Procedure.
‐ Analyze and develop Security Strategic Action Plan, with consideration of Group Security recommendations

5. Execute Security improvement projects and BAU from a point of business
‐ Design and implement tools and processes for Information Security.
‐ Monitor and report on delivery of Information Security requirements.
‐ Initiate risk reduction projects or Security Improvement projects.
‐ Follows up on security findings from security-related reviews and other third-party reviews.

6. Respond to Threat and Incident:
‐ Monitors and evaluates internal and external security threats. Researches security threats and implement appropriate changes to the Security program to prevent company and customer data assets from being compromised.
‐ Respond to Incident and ensure the mature Cyber Resiliency
‐ Acts as an escalation point for complex internal and customer facing security and support functions.

7. Lead the company's Awareness Program:
‐ Plan/Execute awareness program for all Business department

8. Ensure security aspects of projects and deliver audit:
‐ Conduct project review meeting and review BRD and necessary documentation.
‐ Understand the risk of each project
‐ Draft the result of review meeting and security comment with recommended solution.
‐ Explain required security functions and suggestion to project member.
‐ Work as Security Architect to contribute any project or non-project task

 

 


外資系保険会社では、高度なセキュリティコントロールを提供するセキュリティタスクフォースをリードする情報セキュリティ専門家を募集しております。グループの標準、規制要件、および特定のリスクプロファイルに沿って、ビジネス情報セキュリティが、情報資産に対する適切なレベルの保護を保証いただきます。

【主な業務内容】
‐ 企業情報のリスク対策とそれに伴う改善計画を提供する
‐ 最高情報セキュリティ責任者(CISO)のサポート
‐ グループ標準に基づいたセキュリティポリシー、基準、手順の分析と開発
‐ 業務視点からセキュリティ改善プロジェクトとBAUを実行する
‐ 脅威とインシデントへの対応
‐ 会社の意識向上プログラムをリードする
‐ プロジェクトのセキュリティ面を確保し、監査を実施する

必須スキル

【Expert Requirements】
1. Accreditation:
‐ Certification of information security (CISM Certification or equivalent) more than 5 years of qualification experience
‐ More than 5 years of work experience in Information Security risk assessment or system security operation

2. Sustain competitive advantage:
‐ Develops the security of electronic information and establishes security systems, policies and procedures to prevent system compromise or infiltration. This position needs the strong ability to investigates, recommends and monitors implementation of Technical security controls.
‐ And/Or, perform risk analysis to identify the requirements and provided secured environment to deliver the technology and services.

3. Contribution to advancement of Company:
‐ Enable the company to operate within acceptable levels of information risks, by adequately protecting information in the Group. Enhance security awareness of employees and management at all levels.

4. Application of skill / knowledge:
‐ Define requirements for the company to meet local regulations, and both the company and the group policy as well as enforcing implementation of and compliance to requirements.

【Other Requirements】
‐ Understand the strategy for the company annual target
‐ Promote Self-Reliance and an independent spirit without asking everything to Senior Leaders
‐ Have your own regular meeting with Senior counterparts and/or the Group IS counterparts
‐ Support Efficiency target
‐ Design process, plans and make decisions to ensure consistent delivery results.
‐ Ensure to give your delivery report (weekly, monthly...etc.)
‐ Challenges the status quo and seeks continuous improvement of processes and system security
‐ Challenges risk management on delivering new technology to improve company productivity
‐ Good analytical skills and ability to abstract a complex solution
‐ Experience in Information Security and IT
‐ Advanced in Information Security standards and processes (Functional and Technical)
‐ Advanced in Industry Risk Management Standards
‐ Advanced in Security Architecture, Operational Security

 

 

‐ 情報セキュリティの資格(CISM資格または同等のもの)
‐ 情報セキュリティリスクアセスメントまたはシステムセキュリティ運用の経験
‐ 優れた分析スキルと複雑なソリューションをまとめる能力
‐ 情報セキュリティとITの経験
‐ 情報セキュリティの標準とプロセスの高度化(機能と技術)
‐ 産業リスク管理基準の高度化
‐ セキュリティアーキテクチャ、運用セキュリティの高度化