122976

• As a member of the APAC/Global Information Security team, he/she will support all operations in accordance with Zurich Group's security standards., Under the management and supervision of the Business Information Security Officer (BISO) and in frequent collaboration with APAC/Global colleagues, IT departments and business users, support all information security activities of the Group's affiliates operating in Japan (General and life insurance companies)
• The team will work together to perform the following tasks as requested by Group Information Security/Japan entities. , , ・Verify security metrics provided by the group and drive remediation., ・Explain the Group's information security strategy and initiatives to stakeholders in Japan., ・Serve as a Subject Matter Expert in the evaluation framework implemented by the group and help ensure that it is properly understood and properly executed by the Japanese counterparts. Review deliverables to ensure accuracy and quality., ・Responsible for various activities required for security governance in Japan
• Conduct activities to ensure transparency on information security topics for stakeholders in Japan , ・Share regional and local level dashboards to help Japanese stakeholders understand their exposure to IT security risks and necessary actions. , ・Work with Risk Management team to assess BU's cyber risk exposure, ・Engage with business/IT to support coordination/implementation/improvement of the following assessments and drive appropriate risk management：, ・Cloud Security Assessment, ・Business/IT Application/IT Risk Assessment, including pre- and post-implementation reviews and major changes, ・Thematic security review, ・Regulatory assessment（Local regulation, PCI etc）, ・Vendor security assessment, ・Exception management
• 2）Information security Risk & Compliance
• Work with business/IT to ensure application security controls are in place throughout the application development lifecycle (in collaboration with the global application security team) , ・Work with the group to support the development of local DevSecOps capabilities, ・Work with various teams to identify and address security risks associated with the local cloud environment
• Coordinate and facilitate IT security incident response and forensic investigations (supported by the Global Cyber Response Team)
• 4）Security Incident Response
• Support implementation of security awareness and education programs, ・ Promote group-led security awareness and education activities
• 5）Security awareness / education
• 1）Integrity and a high sense of ethics and responsibility, 2）Advanced Japanese (native Japanese speaker or Japanese Language Proficiency Test Level 1, business conversation and reading/writing) , 3）Advanced English (native English speaker, TOEIC score of 860 or higher, capable of teleconferencing) , 4）University diploma, 5）5-8 years of work experience, of which at least 3 years in an information security related department, 6）High level consulting skills and the ability to communicate a wide range of security-related topics to internal and external stakeholders. , 7）Must possess one or more of the following qualifications (or their equivalents)., （CISSP,CISA,CISM,IPA情報処理安全確保支援士）, 8）Understanding the big picture of IT technologies and processes (cloud, operating systems, databases, networks, etc.), 9）Ability to think and act logically in order to work proactively

7時間）

• 6時00分から22時00分、コアタイム なし、1日における最低勤務時間 4時間
• 6週間の特別有給休暇。社員の性別を問わず取得できる制度）、慶弔休暇、産前産後休暇、ボランティア休暇、Re-Creation休暇
• EAP: Employee Assistance Program（従業員支援プログラム）、育児休職制度、育児時間制度、介護休職制度、フレックスタイム制度、短時間勤務制度、時差勤務制度、育児休職者の早期復職支援手当、シフト勤務に対する育児支援手当、社内クラブ活動、ドレスコードフリー(服装自由)、オンライン自己啓発プログラム、副業、兼業（届出制）