IT / インフォメーション・テクノロジー
Security Specialist (P3) - Technical Security Assurance
1. Support delivery of the yearly company information risk countermeasure and associated improvement plan.
- Conduct Business Risk Analysis with Application Owners and build its improvement plan
- Deliver Information Security projects
- Monitor the security risk exposure of AXA, and provide comprehensive reports to Management and Group
2. Execute Security improvement projects from a point of business
-Design and implement tools and processes for Information Security.
-Monitor and report on delivery of Information Security requirements.
- Initiate risk reduction projects or Security Improvement project
- analyze local specific threat, FSA and compliance items
- Review the report about Interview with information owner or Application Owner
3. Support Vulnerability, Cyber Resiliency and Security Incident Management
- Arrange Penetration Test and subsequent remediation
- Support operations of cloud native security services (e.g. AWS)
- Respond to security incidents
- Support Cyber resiliency
- Maintain Web Assets
- Maintain Secure SDLC
4. Support the security architecture framework
- Support the development, maintenance and update of the Information Security Architecture (including Cloud platforms) for the AXA Group
- Contribute to the projects related to the development of the IS Strategy & Architecture function
- Contribute to information security architecture good practice
- Contribute to the set-up and establish global information security design authority
5. Review all business projects or main gaps and ensure security compliance
- Draft the result of review meeting and security comment with recommended solution.
- Explain required security functions and suggestion to project member.
6. Control AXA Life Japan vendors
- Conduct 3rd vendors security inspection
- Make a report and suggestion to mitigate risks
- Understand the company strategy and annual target within your role and task area
- Join and lead group wide or companywide conference
- Become the leader of one or more taskforce
- Link your task and business goals
- Streamline any existing process and do KT to other team members
- Communication and Stakeholder management
- Planning and delivery
- Understanding the needs and goals of Senior Leaders, builds effective relationships with them and stakeholders in department role interacts.
- Fostering and championing achievement oriented culture, raising bar for individuals and the team.
- CISSP, CISM, RISS or any equivalent security certificate is a plus.
- CCSP、AWS security related certificates is a plus
- Business level Japanese (JLPT N2 or N1 level) and English skill is required
Depending on your skill and experience
※Difficult to hire anyone outside of Japan due to the limitation for COVID19