【Major Financial Services Company】IT Security Engineer (Log Analysis, Monitoring)

Based on experience
Business level (JLPT Level 1)
Intermediate (TOEIC 600)


A leading Japanese financial services company is looking for an experienced Security Analyst (Logging/Monitoring) in its Tokyo office.

The successful candidate will work in the management of the shared service team in the group Security Control Department, and the position is required to deliver the two main tasks below:


- Security operations and reporting

- Threat Intelligence


The Logging/Monitoring Analyst role sits inside the SOC and Reporting function whose role is to oversee the effective operation of security controls.

Most of this effort is towards the actual operation of shared security capabilities delivered through centrally run services. These are centered around vulnerability management, asset management, logging & monitoring and awareness training.


As the technical lead for an area that exists as a Global Shared Service, the expectations of the role also extend to the deployment and evolution of the monitoring capability and standard service. This includes supporting the primary technical expert in driving further integration of the globally standard service and ensuring the correct integration and ongoing operation of the tooling while working with the 3rd party SOC provider to review events and manage follow-up as follows:


The Logging/Monitoring Analyst will work with the external SOC provider from a technology point of view as well as operationally.

The tool will have global reach and provide real-time monitoring and threat analysis across a highly diverse infrastructure within the company as well as hosting providers.

-  Manage the toolset to drive the execution of the Monitoring PKIs

-  Ensure that the service is generating the expected visibility on the attacks/threats

-  Create a global visibility of threats: Collect the output and form meaningful reports

-  Integrate toolsets that exist in established businesses with the global toolset to deliver a unified view on vulnerabilities across the business (e.g. GRC and Vulnerability Scanning tooling)

The main overall focus will be the management of the toolset platform itself and the extraction of meaningful performance information to demonstrate correct functioning. Additionally, the role is to extract and report the information pertinent to events that require further investigation and to support these investigations.


【Duties and Responsibilities】

- Work under the direction of the Director of SOC and Reporting function.

- Manage effective working relationships with all stakeholders and customer organizations

- Ensure flexible, efficient and cost-effective logging and monitoring strategies are defined

- Ensure effective team working relationships within all areas of the IT group.

- Operate the overall monitoring toolset in conjunction with the 3rd party SOC provider and ensure that it is operating effectively.

- Oversee the 3rd party SOC provider and ensure the services are delivered as contracted

- Support the investigation of suspicious activity and provide advisory and technical details in the process of containing any security events identified, etc.














【Company Details】

Founded as a leasing company, this major Japanese financial services company is constantly growing, creating new value and new markets through finance and services.

【Working Hours】
9:00 - 18:00 (Mon - Fri)


【Holidays】
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Other Special Holidays


【Services / Benefits】

Social insurance, Commuting allowance, No indoor smoking (designated smoking area) etc.




- A clear understanding of on-premises and cloud-oriented Security Monitoring technology, its integration into an organization and ongoing operation (including performance tuning)

- Working knowledge of Rapid7, ArcSight, QRadar and Splunk

- An understanding of security monitoring standards / guidelines such as NIST Special Publication 800-137, etc.

- A very strong technical background especially in matters of server, endpoint and network infrastructure configuration.

- A practical approach to security whereby both the technical objectives as well as the functional and economic impacts are considered towards effective outcomes

- Good communication skills (written and verbal) to be capable of engaging both technical and operational staff and vendors in explaining findings and required actions etc.

