Regional Security Officer
- 1000万円 〜 1300万円
外資系損害保険企業にてRegional Security Officer のポジションです。
- The Regional Security Officer (RISO) position will be responsible for the setting the standards, policies, guidelines and implementation of the technology security policies, process and tools across the organization. Furthermore, the RISO will need to work with the global network of RISOs and the Chief Information Security Officer to ensure appropriate alignment of the security roadmap and initiatives with that of the Global organization.
Other responsibilities include:
- Define security policies and procedures that align with the Global policies and procedures and suit the local region’s business and regulatory requirements.
- Interact and collaborate closely with US, UK and broader Asia Pacific security team
- Be able to attend regular evening Security calls and ad-hoc communication with the US and UK after hours
- Interact closely with the business on new projects and advise the business on information security relevant aspects of their technical solutions.
- Conduct regular security awareness training for employees.
- Perform assessments on applications, vendors, processes and projects from an information security perspective
- Identify security gaps and evaluate with IT or other stakeholders options for remediation
- Liaise with subject matter experts (e.g. in Legal, Group Data Protection, Compliance etc.) to gauge severity of security gaps
- Present security assessment results and options to the business and discuss steps for resolution
- Work with the business to close security gaps or to initiate a risk acceptance
- Interact closely with the Business Solutions team to manage risk remediation
- Support the business during Audits and with Audit resolution as it relates to issues that address information security
- - Prior experience in setting standards, policies and security roadmap for the organization.
- Demonstrated experience with assessing, designing, implementing and operating security products like DLP, Websense, IMPERVA, Symantec AV, PGP)
- Prior experience in a risk and control role would be an advantage (e.g. Audit, Data Privacy)
- Ability to manage multi-tasks assignments and efficiently prioritize workload with limited supervision and resilient under pressure
- Good analytical skills to evaluate risks and control processes
- Strong communication skills both verbal or written. Strong English skills and the ability to represent the organization’s security requirements within the larger global organization.
- Must have the ability to deal with people at all levels in a global matrix organization and influence established teams as this is an individual contributor role and therefore will not have any direct reports
- Flexible, pro-active and innovative with an attitude of implementing security solutions to mitigate business risk/problems.
- CISSP would be an asset, other security related certifications (CISM, CISA) will be considered
- Strong communication skills, both verbal and written, in English and Japanese