情報セキュリティ監査技術者/Information Security Audit Engineer10milliyen

Job Description

• We will build partnerships with client companies to enable them to obtain ISMAP certification for SaaS services.
• Leverage commonality among major certification programs to advance the design, implementation, and adoption of a Cloud Controls Framework (CCF).
• Support and adoption of core services that make up a common security tool stack
• Governance and tracking of SaaS offers Compliance objectives
• Establish and maintain a centralized governance function (eg, information security and business steering continuity committees, risk assessments, policy/standard/exception management programs) Use a hub (S&TO)/spoke (SaaS offering) model

Responsibilities:

• Partner with our clients to enable ISMAP Certification and more for SaaS offers ​
• Leverage commonalities between major certification programs to design, implement and drive adoption of Cloud Controls Framework (CCF)
• Support and drive the adoption of core services that together constitute a Common Security Tooling Stack​
• Implement governance and tracking of SaaS offers Compliance targets​
• Create and maintain centralized governance functions, eg, information security and business steering continuity committees, risk assessments, policy/standards/exception management programs, etc. Using a hub (S&TO) / spoke (SaaS Offers) model

Qualifications

• Includes documentation of ISMAP certification and ongoing maintenance of certification.
• Liaise with external auditors and other internal teams to support certification audits.
• Identifying and driving process improvements
• Work directly with Japan IPA on the ISMAP journey.
• Experience in IT audits, GRC and related fields.
• Experience working in AWS or other cloud environments
• Knowledge of compliance frameworks is a must (ISMAP, SOC2, ISO, etc.)
• Knowledge of core IT processes/services such as SDLC, Identity/User Access Management, Vulnerability Management, Backup and DR processes is beneficial.
• Bachelor's degree with a focus in Information Technology/Computer Science or related field
• Excellent communication skills at all levels of the organization.
• Ability to prioritize in a fast-paced environment
• Ability to balance multiple programs
• Excellent analytical skills
• Being good at teamwork is important
• CISA, CISSP, CCSK or other relevant certifications are preferred.

Japanese: Business level Japanese (N2), Business level English (required)

Qualifications:

• Work with ISMAP certifications including documentation and on-going maintenance of the certification.
• Liaison with external auditor and other internal teams to support certification audits.
• Identify and drive process improvements
• Work directly with Japan IPA on ISMAP journey.
• Proven track record in related field such as IT Audit, GRC, etc.
• Hand on experience with AWS and other cloud environments
• Knowledge of Compliance frameworks is a must (eg, ISMAP, SOC2, ISO)
• Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Vulnerability Management, Backup and DR processes will be useful
• Bachelors Degree with a focus in Information Technology / Computer Science or related field
• Excellent communications skills at all levels of the organization
• Ability to prioritize in a fast-changing environment
• Ability to balance multiple programs
• Excellent analytical skills
• It's critical that the person is a good team-player
• Relevant certifications like CISA, CISSP, CCSK, others, will be a plus.

Japanese Languages:  Business level Japanese(N2) and business level English required