Information Security Specialist
¥10M - 12M / annum
April 26, 2018
IT and technology
The client is a leading retail company!
Essential duties and responsibilities include:
- Establish and maintain an information management and protection framework for an effective enterprise-wide Governance Program; serve as a consultant to business-area leaders.
- Manage day-to-day activities, including policies, procedures, training and communication regarding the Governance Program.
- In conjunction with Legal and Compliance, identify information management and protection laws and regulations, and implement actions to ensure compliance.
- Develop, implement and maintain the policies, systems, and procedures for the management of recorded information throughout its life cycle.
- Identify, track and oversee internal and external compliance and regulatory requirements (PCI, GDPR, Data Privacy, etc.) for the organization, including compliance with established policies, procedures, standards, baselines and controls.
- Identify, monitor and manage risks to the organization's physical and electronic information assets. This includes the execution of periodic risk assessments, maintaining a risk register and documenting the decisions that result in the assumption of risk for a decision, initiative or activity impacting physical or electronic information assets.
- Establish the strategy and program to maintain resilience / recover critical business functions and platforms impacted by an information security incident or natural disaster. Work closely with the IT, Business Continuity and Disaster Recovery Teams.
- Establish and manage the organization-wide information security awareness programs.
- Maintain an enterprise-wide, cross-functional incident response plan that is tailored to information security threats and scenarios / critical assets of interest. Train and test key stakeholders on a periodic basis.
- Minimum of 6 years of experience in Information Security governance and compliance.
- Good knowledge of information risk assessment and compliance needs.
- Good understanding of information security governance frameworks such as NIST, ISO27001, and COBIT.
- Working knowledge of applicable laws, regulations, and standards relating to security and data privacy.
Knowledge, skills and abilities:
- BS or MS degree in Computer Science or related IT degree.
- Excellent communication skills, both verbal and written, in Japanese and English.
- Ability to multi-task and prioritize work effectively.
- Highly motivated self-starter with the ability to work independently or with a team.
- Strong sense of ownership and driven to manage tasks to completion.
- Appropriate security certifications preferred (e.g. CISA, CISM, CISSP).
- Overall knowledge of the Retail industry (Preferred).