The person selected for this role needs to be a highly competent security and risk professional who is able to engage and deliver at management level.
The role requires a broad range of security and compliance skills encompassing information security and risk management, IT compliance and regulatory control frameworks such as SOX, FSA, FISC and GxP, and the ability to understand and manage the implementation of clients’ security requirements, together with an understanding of Business Continuity & Resilience.
- The development, implementation and management of comprehensive security controls designated by regulatory requirements for all IT services. In particular, the candidate will ensure Governance & Compliance against the security requirements, influencing policies, standards, and strategic direction based upon the client’s corporate policy mandates. To do so, the candidate will work closely with the client’s counterpart and management team to ensure that security processes and requirements are being followed and to identify areas for continuous improvement.
- Manage and maintain SOX, FSA, GxP and ISO27001 certifications in the region, including internal and external audits.
- The identification and assessment of potential security risks to the organization, and the development and management of an RCM (Risk Control Matrix) that aligns with the client’s IT policies and standards.
- Support the BCM team in crisis management activities and coordinate with them to ensure the required support is provided, including BCP training and awareness programs.
- Providing a general oversight function liaising with local and international groups including Legal, Audit and Risk, and Data Protection.
- In addition, the candidate will need to develop and maintain liaison and contact with external service providers, law enforcement, government and regulatory bodies in connection with their role.
- Bachelor's degree or higher in Information Technology, Computer Science, Engineering, Business or equivalent is preferable.
Required Experience and Skills:
- At least 3-5 years of experience in one of the following types of audit: JSOX (US SOX), ICOFR, FSA, ISO (27001, 9001, 20000, 22302, etc.)
- Solid working knowledge of Risk Management and internal controls, with a strong background working in a regulatory/compliance environment
- Excellent language proficiency in Japanese (mandatory) and English (mandatory)
- Superior collaboration, communication and documentation skills
- Significant experience in leading cross-functional project teams with limited direct line responsibility
- Ability to manage through complexity and ambiguity
- Solid understanding of data management, governance and the protection of key business information assets
- Awareness of the relevant industry business (pharmaceutical industry is desired)
- Deep understanding of the multiple cultures in the region and ability to work effectively with various stakeholders
Preferred Experience and Skills:
- Relevant certification credentials are desired, such as CISA, CISM, CRISC, CISSP
- IT background in an infrastructure or enterprise systems environment
- Technical knowledge and understanding of SDLC and GxP principles
- Familiarity with advanced/emerging technology trends
- Natural curiosity and a desire to do things differently
- Must be able to adapt, rapidly learn new environments, and apply findings to solve key business challenges
- Language requirement
- Japanese (Native), English (Business)