Information Security Risk Analyst
Location : Tokyo
Post Date : 08 December 2017
Employment Type : Permanent
Job Reference : AO-35BT
Job Classification : Business Transformation
Join a dynamic international Information Security team at a global insurance firm!
Ensure Business Information Security to have an appropriate level of protection for its information assets, in keeping with company standards and the particular risk profile. Support Vulnerability management (dynamic, static scan and subsequent remediation) Support the development, maintenance and update of the Information Security Architecture.
Support delivery of the yearly company information risk countermeasure and associated improvement plan: -Conduct Business Risk Analysis with Application Owners and build its improvement plan -Deliver Information Security projects -Monitor the security risk exposure of the company, and provide comprehensive reports to Management and Group Execute Security improvement projects from a point of business: -Design and implement tools and processes for Information Security. -Monitor and report on delivery of Information Security requirements. -Initiate risk reduction projects or Security Improvement project -Analyze local specific threat, FSA and compliance items Review the report about Interview with information owner or Application Owner Support Vulnerability, Cyber Resiliency and Security Incident Management: -Arrange Penetration Test and subsequent remediation -Support WAF implementation -Respond to security incidents -Support Cyber resiliency -Maintain Web Assets -Maintain Secure SDLC Review all business projects or main gaps and ensure security compliance: -Draft the result of review meeting and security comment with recommended solution. -Explain required security functions and suggestion to project member.
Critical Leadership Competencies： -Communication and Stakeholder management -Planning and Delivery -Fostering and championing a culture of continuous improvements in processes and methods in IT. (Change Leadership) -Understanding the needs and goals of Senior IT Leaders, builds effective relationships with them and stakeholders in department role interacts. (Team Leadership) -Fostering and championing achievement oriented culture, raising bar for individuals and the team. (Result Orientation) -Having a firm grasp of the direction company is taking and It’s role in company’s strategy (Strategic Vision)