Information Security Specialist (#453)

Job Purpose
Strengthen security controls and measures across applications and infrastructure to protect information assets from data leakage and unauthorized access.

Key Responsibilities

• IT Project Security Review: Review IT architecture in various projects and define security requirements (encryption, data protection, access control, authentication/authorization, etc.).

• Cloud Service Security: Evaluate and define security requirements for SaaS, PaaS, and IaaS adoption.

• Security Testing: Conduct penetration tests, SAST/IAST/DAST, and other security assessments to identify and remediate vulnerabilities.

• Security Monitoring: Define and manage WAF/FW policies, assess risks, and propose mitigation measures.

• Advisory Support: Provide expert advice and respond to security-related inquiries from IT and business units.

• Audit & Compliance: Support security audits, address findings, and implement corrective actions.

Qualifications & Skills

• Experience in Information Security, IT Audit, or IT Development/Operations.

• Strong knowledge of industry standards and best practices (ISO 27K, NIST, Privacy Mark, PCI-DSS, OWASP, etc.).

• Excellent communication, documentation, and problem-solving skills.

• Experience in security reviews, assessments, and improvement planning (cloud and AI security included).

• Preferred certifications: CISA, CISM, CISSP, CCSP, AWS certifications.

• Bilingual in English and Japanese