IT Security Manager
Global, multinational Food & Beverage maker
Business Systems Division - Governance & Operations Division
Security Service Department - Compliance Operations Section
Responsible for legally obligatory business process control and IT general control planning and operation monitoring, audit trail maintenance, and problem improvement activities.
This position is a leading role in leading various projects aimed at legal compliance of Internal IT system operations and compliance with general IT controls, and preventing events that are against IT compliance.
- Coordinates and collaborates with legal compliance and general affairs departments in charge of legal compliance and governance, and is responsible for various activities aimed at legal compliance of IT system structure and operations and compliance with IT general controls.
- From the perspective of IT general control, be responsible for auditing user authority, approval and auditing of user payout, preparation and submission of trails in the current state of various systems in external audits.
- Security inspections for new/existing vendors and contractors and regular audit work.
- Security audit work for IT vendors or OT vendors that deal
- Personal information deposit, or work requiring the deposit of my number, security audit of contractor and preparation/report of records
- Business related to approval/denial of core system user application, business related to approval/denial of VPN user application
- Maintenance of security-related regulations (drafting, revision, issuance)
- Response to annual external audits (IT general control audits) Collection and compilation of trails, cooperation with internal audit department
- Business related to planning, production and execution of security enlightenment education for existing CCBJI employees and new employees
- Business management of departmental staff, and management as time management, attendance management, etc.
- Fluency in both Japanese and English, must be able to read, write with little effort and possess strong negotiation/ business partnership skills.
- Work related to general IT control and audit: 5 years or more
- Work related to information security management: 5 years or more
- Construction of customer security environment and controls at vendors and consulting companies
- Information security management operations in the security departments of operating companies (technical environment maintenance, system maintenance, incident response, etc.
- Small-scale team (about 5 people) management work (refers to managerial experience. Excludes field managerial experience such as general team leaders)
Nice to have:
- Information processing engineer examination, etc. Basic IT qualification or CISA (Certified System Auditor)/System audit engineer qualification will be selected with priority.
- In addition, other security related qualifications such as CISM, CISSP, GIAC Security, CompTIA Security+, and advanced qualification holders are still acceptable (not required)