Cybersecurity Specialist (GRC)

The successful candidate will play a critical role in our Information Security Management System project and compliance activities across the organization

Responsibilities

• Contribute to the ISO27001 certification project and compliance activity across the organization.
• Plan, develop, implement and enhance various process of Cybersecurity and Risk Management Program (not limited to):
• Security Risk Management
• Physical Security Management
• Human Resource Security
• Supplier Risk Management
• Internal Review & Compliance
• Business Continuity Management
• Identity and Access Management


• Perform data protection and governance activities to ensure the security and privacy of all data.
• Perform cybersecurity operational activities (not limited to):
• Security onboarding and awareness
• Security review or consultation
• Contract and agreement review
• Change management process
• Responding to customer inquiries and external assessments related to Cybersecurity


• Maintain relationships with multiple stakeholders to ensure smooth program implementation and awareness of the importance of cybersecurity/risk management culture.
• Cooperate with technical personnel both inside and outside of the Cybersecurity team to implement the program
• Provide support on cybersecurity-related activities or work that is important for the company.

Required Skills

• Bachelor’s degree or equivalent experience required in a relevant field.
• More than 3 years of cybersecurity operations and/or security risk management experience.
• Sound knowledge of or hands-on experience with information security management systems (ISMS) audit and standards/frameworks, such as ISO27001/2, NIST, etc.
• Knowledge and understanding of security and privacy laws/regulatory compliance.
• Excellent written and verbal communication skills, including customer relationships.
• Teamwork and ability to adapt to a fast-paced working environment.

Preferred Qualifications

• Master’s degree in a relevant field and/or certifications (CISSP, CISM, PMP, ISO 27001) holder
• More than 5 years of cybersecurity operations and/or security risk management experience.
• Sound technical expertise in the cybersecurity, privacy and data protection fields.
• Proven record of planning and building organizational governance, risk, and compliance programs to meet standards, regulatory requirements and obtaining industry certifications (e.g., ISO 27001, IEC 62443, SOC 2).

Location3-8-5 Tatsumi, Koto-ku, Tokyo 135-0053, JapanNearest Station: Tatsumi Station, Shinonome Station
Work Hours8:45 - 17:45 (with a 60-minute break)
Salary・Flexible, depending on experience and skills・Salary revision twice a year・Additional bonuses or incentives may be available based on performance
Holidays・Two days off per week (Every Saturday and Sunday)・Annual paid leave・Year-end vacations・Celebration or condolence leave・Family caregiver leave・Maternity leave・Childcare leave・Other holidays as defined by the company
Company Benefits・Flexible dress code policy・Commuting allowance・Social insurance (including Employment, Industrial Accident Compensation, Health Insurance, and Pension)・Free buffet lunch every workday・Free vending machines (offering drinks and snacks)・High-end coffee machine・Exclusive Employee Gym Access・Monthly team dinner support
Relocation SupportIf you relocate from outside of Japan, we will provide the following support.・Visa sponsorship・One-way flight to Japan・Shipping expenses covered up to a specified limit・Temporary housing assist・Permanent housing assist