【大手金融サービス企業】部長、ITセキュリティー、技術部門

勤務形態
正社員
給与
Based on Experience
日本語レベル
ビジネスレベル(JLPT Level 1)
英語レベル
ビジネスレベル(TOEIC 860)
開始日
ASAP
勤務地
東京

職務内容

Listed major financial services company is looking for an experienced Security Director in Tokyo office.

The successful candidate will be head at IT security Architecture and technical team. The team need to delivers three main tasks as below.

 

1. Security Shared Services

2. Cyber Strategic Risk

3. Advisory

 

The Architecture and Technical Director role is the head of the Architecture and Technical Leadership function whose role is to develop new capabilities globally for information security. As the migration of the systems continues to be moved to hosted providers or completely moved to a service-based consumption model, the nature of how security controls are designed, deployed and operated are also changing. This shift requires expertise that can guide / lead the process of security controls that are effective in these IT delivery models.

 

The Architecture and Technical Director will be responsible for advisory, assessment and design work. The scope of this work includes operational and technological matters. The work is expected to take place both within the security team as well as with the broader IT teams inside the corporate function as well as in the businesses themselves.

 

【Responsibilities】

- Lead the overall function and own the KPIs representing key shifts expected to be created by the security team

- Provide leadership and mentorship to the team of technical experts representing the wide cross section of security expertise required to run the various shared service capabilities.

- Lead overall objectives to create a roadmap to implement meaningful security improvements

- Provide strategic leadership with regards to the technological approach to addressing structural security issues through shaping the overall security roadmap

- Provide specific leadership towards addressing specific technological issues

- Provide thought leadership towards assessment of IT projects to ensure foundational security expectations are included (and guidance where it is not).

- Provide guidance towards the remediation of security issues in externally hosted IT services. This includes PaaS, IaaS and SaaS services. The services could be security controls themselves delivered through externally hosted parties (e.g. hosted vulnerability management or managed SOC, etc…)

- Guide the team towards secure design and support of all the security shared services that are delivered through cloud-based services.

- Provide security thought leadership to the digital transformation team and other business units towards secure system design and ways to consume data.

Security Framework: contribute to the ongoing definition, communication and roll out of a global Security Framework based on international standards.

- Vendor Management: oversee the vendor and 3rd party assessments and section to ensure adherence to company’s information security expectations.

- Internal Process: oversee the internal processes related to gaining approval for new security projects

- Develop the service model (including financial model) for the security shared services and in conjunction with the SOC and Reporting Director, provide oversight to ongoing quality control and financial management of their delivery.

 

上場大手金融サービス企業が、東京オフィスでセキュリティディレクターを募集しています。

【主な職務内容】

- 機能全体をリードし、セキュリティチームが作成すると予想される重要なシフトを表すKPIを所有する

- 様々な共有サービス機能を実行するために必要なセキュリティの専門知識を幅広く横断的に代表する技術専門家チームにリーダーシップを発揮し、指導を行う

- 有意義なセキュリティ改善を実施するためのロードマップを作成するために、全体的な目標を導く

- 全体的なセキュリティロードマップの策定を通じて、構造的なセキュリティ問題に対処するための技術的アプローチに関して戦略的なリーダーシップを発揮する

- 具体的な技術的課題への対応に向けた具体的なリーダーシップを発揮する

- 基本的なセキュリティ要件が確実に含まれていることを確認するために、 IT プロジェクトの評価に向けて思考のリーダーシップを提供する

- 外部でホストされている IT サービスのセキュリティ問題の修正に向けたガイダンスを提供する

- クラウドベースのサービスを通じて提供されるすべてのセキュリティ共有サービスのセキュアな設計とサポートに向けてチームを導く

- デジタルトランスフォーメーションチームや他のビジネスユニットに対して、セキュ リティなシステム設計やデータの利用方法に関するセキュリ ティ思考のリーダーシップを提供する

セキュリティフレームワーク:国際標準に基づくグローバルなセキュリティフレームワークの継続的な定義、コミュニケーション、展開に貢献する

- ベンダー管理: ベンダーやサードパーティの評価とセクションを監督し、会社の情報セキュリティの期待に確実に準拠する

- 内部プロセス:新規セキュリティプロジェクトの承認取得に関連する内部プロセスを監督する

- セキュリティ共有サービスのサービスモデル(財務モデルを含む)を開発し、SOCおよびレポーティングディレクターと連携して、その提供の継続的な品質管理および財務管理を監督する

 

【会社概要 | Company Details】
リース会社として創業、金融やサービスを通じて、新しい価値、新しいマーケットを作り出し常に成長している日系大手金融サービス企業です。

A major Japanese financial services company that is constantly growing by creating new value and new markets through finance and services.

【就業時間| Working Hours】
9:00 - 18:00(月 - 金)

 

【休日休暇 | Holidays】       

完全週休2日制(土・日)、祝日、年末年始、有給休暇 など

Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays

 

【福利厚生 | Services / Benefits】          

月額 20,000 円まで定期額実費支給、社会保険完備(健康保険、厚生年金、労災保険)、定期健康診断、雇用保険、屋内原則禁煙(屋外に喫煙所あり)等

Social insurance, Transportation Fee, No smoking indoors allowed (Designated smoking area), etc.

 

 

必須スキル

- A clear understanding of security best practices in Japan and internationally with a proven track record of implementing these in businesses globally

- A demonstrated track record of designing, deploying, reviewing and overseeing implementation of security controls into information technology managed internally as well as through 3rd party providers / hosted services.

- Working knowledge of implementing security controls and overseeing their operation in AWS, Azure, etc..

- A strong understanding of cloud-centric security frameworks such those published by NIST (NIST Special Publication 800-144) and the CSA.

- A very strong technical background especially in matters of server, endpoint and network infrastructure configuration.

- An excellent understanding of developing web applications is a secure fashion

- A practical approach to security whereby both the technical objectives as well as the functional and economic impacts are considered towards effective outcome 

- Demonstrated understanding of technically implementing controls in cloud platforms (IaaS, PaaS), 3rd party SaaS providers, 3rd party vendors as well in on premises data centers, office environments and mobile workforces.

- Security Certifications: GIAC, CEH, CompTIA Security+, CISSP, CISA, CISM, CREST, SABSA and CSA

優遇されるスキル・経験