Information Security Specialist
¥1000万 - 1200万 / 年間
4月 26, 2018
A client is a leading retail company!
Essential duties and responsibilities include:
•Establish and maintain an information management and protection framework for an effective enterprise wide Governance Program; serve as a consultant to business-area leaders
•Manage day-to-day activities, including policies, procedures, training and communication regarding the Governance Program.
•In conjunction with Legal and Compliance identify information management and protection laws and regulations and implement actions to ensure compliance.
•Develop, implement and maintain the policies, systems, and procedures for the management of recorded information throughout its life cycle.
•Identify, track and oversee internal and external compliance and regulatory requirements (PCI, GDPR, Data Privacy, etc.) for the organization including compliance with established policies, procedures, standards, baselines and controls.
•Identify, monitor and manage risks to the organizations physical and electronic information assets. This includes the execution of periodic risk assessments, maintaining a risk register and documenting the decisions that result in the assumption of risk for a decision, initiative or activity impacting physical or electronic information assets.
•Establish the strategy and program to maintain resilience / recover critical business functions and platforms impacted by Information Security incident or natural disaster. Work closely with the IT, Business Continuity and Disaster Recovery Teams.
•Establish and manage the organization wide information security awareness programs.
•Maintain an enterprise wide, cross functional incident response plan is tailored to information security threats and scenarios / critical assets of interest. Train and test key stakeholders on periodic basis.
•Minimum of 6 years of experience in Information Security governance and compliance
•Good knowledge of information risk assessment and compliance needs.
•Good understanding of information security governance frameworks such as NIST, ISO27001, and COBIT.
•Working knowledge of applicable laws, regulations, and standards relating to security and data privacy.
Knowledge, skills and abilities:
•BS or MS degree in Computer Science or related IT degree.
•Excellent communication skills – verbal and written both in Japanese and English.
•Ability to multi-task and prioritize work effectively.
•Highly motivated self-starter with ability to work independently or with a team.
•Strong sense of ownership and driven to manage tasks to completion.
•Appropriate security certifications preferred. (e.g. CISA, CISM, CISSP)
•Overall knowledge of the Retail industry (Preferred).