[Professional Dispatch] Risk Engineer (Security Assurance) - English only OK

求人詳細

Key Responsibilities:
• Lead/perform risk assessment engagements for products (IoT, autonomous driving, AI etc), enterprise, and related information systems or processes.
• Manage technical, process and human related information security risks and ensure compliance for information security policies and regulatory requirements by conducting technical, procedural and operational review of business processes and system controls
• Communicate and escalate risk issues to the appropriate level and department from frontline teams to senior management
• Evaluate technology and business-related controls for integrating business and information system security and risk mitigation efforts for products and enterprise.
• Coordinate and validate business risk justification documents for internal and external governance programs
• Manage third party risk with both internal and external stakeholder

こんな方を求めています

経験・スキル

Requirements (MUST):
• 6+ years’ experience in Information Security
• Experience in technical security, securing products incorporating emerging technologies like IoT, AI, Automotive operating systems
• Experience with risk management, risk assessments and risk assessment methodologies/standards (NIST SP800-30, CIS RAM, etc)
• Experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC)
• Technical expertise in the security field and experience with security architecture and ability to challenge risk assessments on the technical side
• Experience with multiple risk assessment methods including threat modeling (STRIDE, etc)
• High level of independence and autonomy in leading and performing engagements, including conducting interviews, with a complex set of corporate stakeholders
• Experience in technical assessments of networks, operating systems, cloud environments, etc Excellent written and verbal communication skill

Preferred / Good-To-Have:
• Experience with regulatory compliance and information security management frameworks (e.g., ISO27001/ISO27002, NIST CSF, CMMC)
• Experience in the development and coding experience ideally in IoT, AI, automotive OS
• Experience with compliance especially security and privacy regulations
• Experience building enterprise governance, risk, and compliance programs
• Certified Information Systems Security Professional (CISSP),
• Certified Information Security Manager (CISM)

学歴

大学卒業以上

募集要項

職種

セキュリティコンサルタント、セキュリティエンジニア

給与

年収 800 〜 1,200万円

賞与

-

雇用形態

契約社員

雇用期間

期間の定めなし

就業時間

09:00～18:00

休日休暇

土曜日　日曜日　祝日

保険

健康保険　厚生年金保険　雇用保険

受動喫煙防止措置

敷地内禁煙

特長

上場企業, 土日祝休み

業種

ソフトウェア・情報処理

※詳細はお仕事のご紹介時にお伝えします