|部署・役職名||Share this Job IT, IT Risk ＆ Security, IT Third Party Risk Management Senior Analyst|
We are looking for Information Security Professional for a leading life insurance company based in Tokyo and remotely work with offshore offices.
You will be expected to play a critical role as IT Third Party Risk Management Senior Analyst to assess the information security risk and control of the third parties.
Expect to provide hands－on work for the daily activities and propose solutions to the improvement initiatives.
Immediate focus areas will be information security risk assessments and inspection for the third parties handling our company’s customer’s personal information and company secret.
Expect to promote our IT Risk ＆ Security programs by working closely in the IT organization and with other control functions as well as related businesses.
Ensure our IT Third Party Risk Management which include information security risk assessment and inspection for the third parties to protect our company’s customer’s personal information and company secret from leakage.
Also, follow－up the progress of the third party’s risk remediation plans.
Expect to be a subject matter expert in one or more of following key areas: information security, application security, infra ＆ network security, cyber security, IT risk assessment, IT audit, personal information protection, security incident response.
Communicate with the person in charge of the outsourcer department and the person in charge of the procurement department to proceed smoothly the assessment and inspection for the third parties.
Execute incident response process for the company by closely working with any related teams at the time of company secret leakage.
Respond to the regulatory changes or industry wide trends relating to personal information protection and analyze for implications or measures to be taken as necessary.
Minimum of 5 years of hands－on experience in IT Risk ＆ Security or IT Audit related field.
Business level English and advanced level Japanese
Ability to prepare accurate reports for all levels of staff in an appropriate clear language and provide oral presentation.
Willing to learn new IT technologies and achieve goals in IT Risk ＆ Security.
Interest in broader risk management areas such as IT security, IT risk governance and emerging tech risk management.
Experience or interest in financial industry particularly life insurance.
Familiar with regulatory/industry standards （NIST CSF, PCI DSS, FISC）
CISA or similar certification is a plus