【COMPANY OVERVIEW】

Japanese leading online dating app developer / マッチングアプリ開発企業

【JOB RESPONSIBILITIES】

U.S. SOX IT general control process operation and improvement
Response to various laws and regulations, regulatory ministries, incorporated associations, platform risks, etc.
Activities related to obtaining and renewing third-party certifications such as ISMS and P Mark
Process operation and improvement of vendor security assessment
Maintenance and operation of information asset management ledger and risk assessment based on it
Operation and improvement of internal security policy
In-house information security education and awareness improvement measures

【REQUIREMENTS】

Mandatory:

想定業務の記載内容のいずれかに関係する実務経験
ITインフラ運用やアプリケーション開発に関する基本的な知識を持ち、エンジニアへのヒアリングやディスカッションを円滑に行えること
ビジネスレベル以上の日本語力および英語力（社内外のステークホルダーと議論ができるレベル）
セキュリティに関連する各種フレームワーク、法令、基準に関する基本的な知識（PCI DSS / 改正割賦販売法、個人情報保護法、米国におけるSOX法、ISMS / ISO 27001、NIST CSF、CIS Controls など）

Practical experience related to any of the contents described in the expected work
Must have basic knowledge of IT infrastructure operation and application development, and be able to smoothly conduct interviews and discussions with engineers.
Must have Japanese and English proficiency at a business level or above, and be able to engage in discussions with internal and external stakeholders in both languages.
Basic knowledge of various security-related frameworks, laws, and standards (PCI DSS / Revised Installment Sales Act, Personal Information Protection Act, SOX Act in the United States, ISMS / ISO 27001, NIST CSF, CIS Controls, etc.)

Desirable:

Experience in actively discussing, aligning interests, and building consensus with stakeholders with multiple different viewpoints in the fields of information security and compliance.
Practical experience in risk assessment and audit work in public clouds such as AWS and GCP, and modern environments such as Kubernetes.

【FOR FURTHER INFORMATION】

Security Compliance Analyst / セキュリティコンプライアンスアナリスト