【生命保険業界 】Application Security Lead - JPY 15Mil

Position Summary:

As the Application Security Lead, you play a pivotal role in safeguarding the integrity and functionality of our business applications and infrastructure. This encompasses a spectrum of responsibilities ranging from overseeing servers and networks to managing cloud systems. Collaboration with both domestic and international IT and business partners is integral to balancing security requirements with operational needs.

Primary Responsibilities:

• Establish and uphold security standards, policies, and architectural guidelines to align with cybersecurity objectives.
• Lead key cybersecurity initiatives in accordance with the company's cyber resilience strategy. Manage the implementation of IT security solutions and liaise with vendors.
• Collect and analyze pertinent IT security data to inform decision-making. Conduct internal training sessions and workshops to disseminate IT security knowledge.
• Handle reporting and analysis during security incidents. Foster the professional growth of the Security Engineers team by overseeing their learning and development initiatives.
• Support the adoption of new organizational methodologies company-wide. Develop and maintain Japan's cybersecurity response policies and plans.
• Execute projects in alignment with NN Group's Cyber Security roadmap. Collaborate closely with the Security Operations Center (SOC) and Computer Security Incident Response Team (CSIRT) within the IT Hub. Continuously enhance IT security capabilities, including the formulation and execution of employee training and development plans.
• Serve as a mentor and coach to team members, facilitating their professional advancement. Engage in hands-on development or execution tasks for up to 50% of the time.
• Collaborate with leaders across the Japanese business unit, including executives, risk managers, IT Security, Product Owners, and other relevant departments.

Skills and Qualifications:

Required:

• Minimum of 5 years of experience across various security domains.
• Comprehensive understanding of security solutions and designs across organizational, procedural, and technological dimensions. Extensive knowledge of IT security technologies.
• Familiarity with information security frameworks and standards such as NIST and CIS. Experience with IT infrastructure, including servers, networks, and office systems.
• Proficiency in both Japanese (N2 at least) and English at a business level.
• Broad understanding of security techniques, controls, and assessment methodologies.

Preferred:

• Experience with public cloud platforms like AWS and Azure. Background in IT auditing or IT risk assessment. Relevant certifications such as CISSP, CISM, CISA, or CRISC.
• Knowledge of Japanese legal and regulatory requirements. Up-to-date knowledge of IT security methodologies and trends.
• Experience with cyber risk governance, SIEM solutions, threat intelligence platforms, penetration testing, Red Team tools, data loss prevention, cloud and mobile technologies, networking and firewall technologies, advanced malware protection, IDS/IPS, UNIX/Linux security, third-party risk security processes, and vulnerability management.
• Experience in website development and operations.