Security Specialist (#387)

The purpose of this role is to strengthen security controls and measures within applications and infrastructure to protect the organization’s information assets from data breaches and unauthorized access.

Requirements:

• IT Project Security Review: Define security requirements from the perspective of data protection (e.g., encryption, data labeling), access control, authentication, and authorization in applications and systems.
• Cloud Service Security Review: Evaluate cloud services (SaaS, PaaS, IaaS) and ensure that security measures are properly implemented to mitigate risks.
• Security Testing: Conduct various security tests, including penetration testing (pen tests), Static Application Security Testing (SAST), Interactive Application Security Testing (IAST), and Dynamic Application Security Testing (DAST), to identify and remediate vulnerabilities in systems and applications.
• Security Monitoring: Define policies for Web Application Firewalls (WAF), Firewalls (FW), and other security systems.

Job qualifications: 

• Work experience in Information Security
• Good knowledge of industry standard, regulations and security best practices such as ISO 27K,NIST,Privacy Mark, PCI-DSS, OWASP etc. and other security best practices and regulations
• Strong communication and documentation skills to articulate complex security concepts clearly to both technical and non-technical stakeholders.
• Security review skills, including expertise in cloud security and AI security.
• Security assessment skills to identify vulnerabilities and implement remediation actions.
• Problem solving ability
• Preferred security/IT-related certifications (CISA), (CISM), (CISSP), (CCSP) or AWS Certified Security
• Bilingual proficiency in Japanese and English (business level)