A leading Japanese financial services company is looking for an experienced Technical Expert (Logging/Monitoring Manager) in its Tokyo office. The successful candidate will work in the IT Security Architecture and Technical team within the group Security Control Department. The team needs to deliver three main tasks as below.
The Logging/Monitoring Manager role sits inside the Architecture and Technical Leadership function, whose role is to develop new capabilities globally for information security. As the technical lead for an area that exists as a Global Shared Service, the expectations of the role also extend to the deployment and evolution of the monitoring capability and standard service. This includes being the primary technical expert in driving further integration of the globally standard service and ensuring the correct integration and ongoing operation of the tooling while working with the 3rd party SOC provider to review events and manage the follow-up.
The Logging/Monitoring Manager will be responsible for overseeing the external SOC provider from a technology point of view as well as operationally. The tool will have global reach and provide real-time monitoring and threat analysis across a highly diverse infrastructure within the company as well as at hosting providers.
- Manage the toolset to drive the execution of the Monitoring PKIs
- Ensure that the service is generating the expected visibility on the attacks/threats
- Create a global visibility of threats: Collect the output and form meaningful reports
- Manage the communication of the results and expected remediation tasks with the respective technical teams in each business across.
- Prioritize and manage the investigation of the events deemed a threat by the 3rd party SOC
- Integrate toolsets that exist in established businesses with the global toolset to deliver a unified view on vulnerabilities across the business (e.g. GRC and Vulnerability Scanning tooling)
- Partner with businesses to create tactical remediation plans.
- Advise and guide on the analysis of events and means to address them
Whereas the toolset platform management itself will be the responsibility of the shared service or specific business, the Logging/Monitoring Manager is expected to leverage the use of the 3rd party SOC provider and the relevant toolset to deliver the outcomes noted.
The role is expected to interact with the Logging/Monitoring Analyst and the service manager for the Logging/Monitoring toolset and 3rd party SOC provider.
Essential Duties and Responsibilities:
- Work under the direction of the Director of Architecture and Technical Leadership
- Manage effective working relationships with all stakeholders and customer organizations
- Ensure flexible, efficient and cost-effective logging and monitoring strategies are defined
- Ensure effective team working relationships within all areas of the IT group.
- Design the overall monitoring toolset and ensure that it is operating effectively.
- Oversee the 3rd party SOC provider and ensure the services are delivered as contracted
- Lead the investigation of suspicious activity and provide leadership in the process of containing any security events identified.
- Advise (based on threats detected) on technical and operational means to counter any threats or attacks.
- Contribute to the overall security strategy in such a way that it effectively provides countermeasures to the threats that are being identified.
- Provide support to the audit or compliance team with regard to the demonstration of the monitoring controls that are in place, and support any investigations that require information contained in the monitoring platform.
- Engage various teams locally and abroad, ensuring collaboration on the monitoring of security events, analysis of alerts and treatment of suspected security events.
- Act as a subject matter expert on matters identified through the security monitoring process and provide practical and effective treatment options. Be capable of engaging information asset owners as well as technology managers to explain these measures.
- Work closely with the 3rd party SOC providers and monitoring platform operators to give them guidance on what is expected and ensure the requisite information is being produced.
- Be capable of creating functional reports to foster understanding of the situation as well as help drive meaningful change.
- Understand how to leverage 3rd party expertise on areas where the individual is not an expert while presenting and owning the holistic solution (one point of accountability for logging and monitoring management).
Founded as a leasing company, this is one of the major Japanese financial services companies, constantly growing and creating new value and new markets through finance and services.
9:00 - 18:00 (Mon - Fri)
Saturday, Sunday, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays
Social insurance, Transportation Fee, No smoking indoors allowed (Designated smoking area), etc.
- A clear understanding of on-premises and cloud-oriented Security Monitoring technology, its integration into an organization and ongoing operation (including performance tuning)
- Working knowledge of Rapid7, ArcSight, QRadar and Splunk
- An understanding of security monitoring standards / guidelines such as NIST Special Publication 800-137
- A very strong technical background especially in matters of server, endpoint and network infrastructure configuration.
- A practical approach to security whereby both the technical objectives as well as the functional and economic impacts are considered towards effective outcomes
- Good communication skills (written and verbal) to be capable of engaging both technical and operational staff and vendors in explaining findings and required actions
- Sound knowledge of business operational processes with regard to change management, operational management and quality control.
- Demonstrated understanding of technically implementing controls in cloud platforms (IaaS, PaaS), 3rd party SaaS providers and 3rd party vendors, as well as in on-premises data centers, office environments and mobile workforces.