外資系生命保険会社でのChapter Lead（Application Security/ Business Information Security Div.）の求人

The Application Security Lead is a key role with responsibility for supporting the secure delivery and maintenance of business applications and infrastructure equipment (servers, networks, cloud, etc.). The Application Security Lead collaborates with other partners within IT and the business to achieve the desired security posture, and balance between business and security. The role requires to work with people at all levels domestic and international.

●The role will include:
・Design and implement security standards, policy guidelines, and appropriate architectural principles for the continued achievement of cybersecurity objectives to ensure the firm’s cyber security goals continue to be met
・Oversee the delivery of cyber security strategic objectives and projects in line with the Group cyber resilience plan
・Collaborating and cooperating with the IT Security teams of Our Group IT / Our International
・Implementing and managing IT security products/vendors
・Collecting and analyzing information related to IT security
・Conducting internal training, workshops, and information dissemination on IT security
・Compiling, analyzing, and reporting information during security incidents
・Responsible for maturing the Security Engineers of the team and provide continuous improvement to the IT Security function; manage the learning and development plan for IT Security including training programs, security team development, etc.
・Key position supporting the implementation of company-wide New Way of Working
・Develop Japan’s cybersecurity response policy and plan
・Drive projects in line with Our Group’s Cyber Security roadmap
・Coordination and cooperation with SOC and CSIRT from IT Hub
・Introduction and management of IT security products/vendors
・Collection and analysis of information related to IT security
・In-house training, workshops, and information dissemination related to IT security
・Compilation, analysis, and reporting of information during security incidents
・Continuous improvement of IT security functions - Formulation and implementation of learning and development plans related to IT security (including employee education, security team development, etc.)

The Chapter Lead is a role model and person to go to that is also a line manager focusing on coaching and helping the people of their chapter grow in their function. The Chapter Lead is also a hands-on position who should spend up to half of their time outside of their management role and engaging in development or execution tasks. This position will work closely with the other leaders within the Japanese business unit but not limited to C-level executives, Risk, IT Security, Product Owners, and other divisions.

●Mandatory
・Established Cyber Security professional with at least 5 years within the broader Security disciplines and security fields.
・Demonstrable understanding of security solutions and designs from a people, process and technology perspective; including security technologies, controls and assessment methodologies.
・Broad knowledge of a wide range of IT Security Technology systems
・Knowledge of established information security frameworks and standards (ie NIST, CIS etc.) and their application into diverse environments
・Experience in building and operating IT infrastructure (servers, networks, office automation systems, etc.)
・Business -level Japanese language skills
・Business-level English language skills
・An understanding of security solutions and design from an organizational, process, and technology perspective, including security techniques, controls, and evaluation methodologies.
・Extensive knowledge of IT security technology systems
・Experience in building and operating IT infrastructure (servers, networks, OA systems, etc.)

●Preferred
・Development experience using public clouds (AWS, Azure, etc.)
・Experience in IT auditing or IT risk assessment
・Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar certifications or credentials
・Knowledge and understanding of relevant legal and regulatory requirements in Japan
・Up-to-date knowledge of methodologies and trends in IT Security
・Cyber risk governance processes and metrics
・Security Information and Event Monitoring solutions
・Threat Intelligence Platform’s
・Application and Network Penetration Testing Methodologies
・Red Team tools and testing
・Data loss prevention technologies
・Cloud and mobile technologies
・Networking and Firewall technologies
・Advanced malware protection - endpoint Security controls/messaging/web
・Intrusion Detection Solutions (IDS/IPS)
・Platforms security including windows desktop and server environments UNIX, Linux
・Third party and supply chain risk security processes
・Vulnerability Management
・Website development and operation experience

●Personal Attributes
・Energetic and positive attitude; can multi task. dynamic and flexible
・Ability to challenge, with high levels of ownership, organizational skills and attention to detail
・Ability to deal with conflicting situations
・Ability to work independently in a timely manner
・Exceptional communication skills and the ability to communicate appropriately at all levels of the organization
・Strong relationship building and interpersonal skills with the ability to work with stakeholders from all levels
・Handles well in high stress situations and tight timelines
・Team Player