Role: Information Security Specialist – Identity & Access Management / Security Advisory
Location: Tokyo, Japan (with opportunities for remote collaboration with global teams)
About the Role
This position is responsible for safeguarding corporate and customer information by ensuring confidentiality, integrity, and availability. The role focuses on Identity and Access Management (IAM) and providing security advisory support across application and infrastructure services.
Key Responsibilities
Identity & Access Management (IAM)
Implement and maintain data protection controls to prevent unauthorized access and information leakage.
Monitor IAM effectiveness and propose enhancements for continuous security improvement.
Lead initiatives to upgrade IAM platforms (e.g., privileged access and identity governance tools) together with domestic and international teams.
Manage security systems, policies, and procedures in compliance with regulatory frameworks such as PCI, FSA, and SOX.
Participate in relevant industry groups or forums as needed.
Security Advisory
Provide security guidelines and baseline standards to application development teams and infrastructure groups.
Engage in IT service delivery projects from early stages to ensure implementation of secure architecture.
Ensure compliance with internal information security policies and controls.
Act as the primary contact for security-related topics within application and infrastructure domains.
Conduct system risk assessments and deliver timely assessment reports.
Lead and support security maintenance, improvement programs, and cross-regional initiatives.
Promote security awareness and embed best practices into the system lifecycle and daily operations.
Monitor regulatory and industry developments, assess impact, and implement necessary responses.
Prepare progress updates and reports on ongoing programs and overall security posture.
Candidate Qualifications
Education
Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related discipline preferred.
Required Experience
At least 5 years of experience in information security or a related technical security field.
Solid understanding of IT infrastructure, cybersecurity concepts, technology trends, and regulatory requirements.
Ability to prepare clear written reports and deliver professional presentations to various audiences.
Strong willingness to learn new technologies and evolving security practices.
Preferred Experience
Background in application development or IT infrastructure hardening.
Interest in broader security domains, including cybersecurity strategy, IT risk governance, and third-party risk management.
Experience with cloud security, data protection, and incident response.
Familiarity with frameworks such as NIST CSF, PCI DSS, and FISC guidelines.
Professional certifications such as CISSP, CISM, or CISA are advantageous.
Language Requirements
Native-level or equivalent Japanese proficiency, plus intermediate English skills.
Strong motivation to improve English communication (reading, writing, speaking).