BRS Consultant
Yang Xu
Inhouse IT
Job number: Job-00254879
Posted: 2024-04-26
Information & Product Security officer
Bring your security expertise to a global med device firm
14 - 18 million yen
Tokyo
IT
IT Audit / IT Security / IT Risk
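Job Description
- Company Overview
- The company is a major electronics equipment company. It operates a variety of businesses, including healthcare and consumer goods.
- Job Responsibilities

General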
- Support/localize information & product security awareness, training and education programs.
- Support the creation, approval and embedding of information/product security policies, adaptions and standards.
- Establish & deliver centralized reporting within and to the business markets on the effectiveness of the information & product security function and its performance against strategic objectives.
- Align with the supplier security team on information & product security issues related to suppliers/partners/3rd party ecosystems.

Product & Services Security
- Creating products & services security strategies, both short-term and long-range, in support of the business goals.
- Identify product/services security requirements throughout the Idea-to-market (I2M)/Product Development Lifecycle Management and work with other teams as necessary to provide mitigation and cost/benefit analysis.
- Directing an ongoing, proactive product & services security risk assessment program so effective controls can be put in place for those areas presenting the greatest information security risk.
- Communicating risks and recommendations to mitigate risks to the senior management.
- Supporting businesses in maintaining external business certifications and compliance with other (international) guidelines for information security.
- Assisting with business internal audits and overseeing and guiding external audits related to its products and services in the markets.
- Be an authority on the Security Management Framework: policies (tactical level), processes and risk management designs. Drive and support compliance/policy/risk reviews for your assigned market areas/business units.
- Engage with business, markets and functions to identify improvement opportunities across secure foundation, information protection, secure access to business information/assets, threat/incidents response capabilities and vulnerabilities mitigation.
- Help businesses and markets in making their own information (application) security assessments and sample assessments in order to audit compliance and report on compliance.
- Drive local business on the implementation of ISMS (High level controls and Technical Baselines), gather information and assess risk together with the risk management team.
- Support the embedding of Information Security (e.g. ISMS, client requirements, Technical Baselines) within business/markets/ functions operations and various environments.
- Support the Market Japan ISO27001 certification and improvement.
- Requirements

Minimum
- A Master’s degree or equivalent combination of education and work experience
- Minimum of 10 years in product/information security or risk management and/or related functions (such as IT audit, IT Risk Management and IT Compliance)
- Excellent knowledge of ISO27001/2 and NIST Cybersecurity frameworks
- Information security management or audit qualifications such as CISM/CISSP/CISA/CRISC
- Experience in the creation and enforcement of information security (including the sensitivity to establish a risk based view on compliance), including compliance reporting
- Experience in Health information security and risk management (ISO 27799, ISO/IEC 80001, DIACAP)
- Familiarity with laws and regulations on privacy, data protection, and breach notification, such as HIPAA, FDA, GDPR, ISO/TS 14265, 21CFR820 and equivalent Japanese laws
- Domain specific standards and approaches on privacy and product security (DICOM, IHE)
- Experience working in a large global organization with practical experience in a highly regulated environment
- Strong interpersonal skills – communication, presentation, ability to influence and lead
- Self-motivated, positive attitude, and results-oriented
- English fluency
- Willingness to travel as needed
- Salary
- 14 - 18 million yen
- Location
- Tokyo