Technical Security Assurance Manager(L1), Secruity
- 求人番号
- NJB2173962
- 採用企業名
- 外資系生命保険会社
- 職種
-
IT(PM・SE) - 金融システム
IT(PM・SE) - セキュリティエンジニア
- 雇用形態
- 無期雇用
- 勤務地
-
東京都
- 仕事内容
-
We are seeking an experienced and highly skilled Technical Security Assurance Manager to join our organization. As an Technical Security Assurance Manager, you will be responsible for ensuring the security and integrity of our applications, systems, and networks. You will lead a team of security professionals and collaborate with cross-functional teams to develop and implement robust security measures. Your expertise in application security will be crucial in identifying vulnerabilities, assessing risks, and designing and implementing appropriate security controls for our B2C and B2B applications. This is a challenging and rewarding role that requires strong leadership, technical proficiency, and a deep understanding of application security best practices.
■Major Responsibilities Include:
1.Lead and manage a team of application security professionals, providing guidance, mentoring, and support in the execution of their responsibilities.
2.Develop and implement a comprehensive application security strategy and roadmap to protect our applications, systems, and networks.
3.Conduct regular security assessments and penetration testing of applications, identifying vulnerabilities and potential risks.
4.Collaborate with development teams to integrate secure coding practices and security controls into the software development life cycle (SDLC).
5.Perform code reviews and security testing to identify and remediate security vulnerabilities in applications.
6.Stay up to date with the latest industry trends, emerging threats, and best practices in application security, and recommend appropriate security solutions and enhancements.
7.Support to develop and deliver application security training and awareness programs to promote a security-conscious culture within the organization.
8.Collaborate with stakeholders across the organization, including developers, system administrators, and project managers, to ensure the effective implementation of security controls.
9.Develop and maintain security policies, standards, and procedures related to application security.
10.Support to manage vendor relationships and assess the security posture of third-party applications and services.
11.Participate in application architecture review workshops and provide review comments.
12.Review and approve application security review requests for network, application exceptions and risks.
13.Support to monitor and investigate security incidents, and coordinate incident response activities as necessary.
14.Prepare and present regular reports and metrics on the state of application security to senior management and stakeholders.
■休日:完全週休二日制, 土, 日, 祝日, GW, 夏季休暇, 年末年始
- 求める経験
年齢制限の理由 -
1.Bachelor's degree in Computer Science, Information Security, or a related field. A master's degree is a plus.
2.Proven experience (X years) in application security, including hands-on experience with secure coding, vulnerability assessments, and penetration testing.
3.Strong knowledge of web application security vulnerabilities (OWASP Top 10) and associated mitigation techniques.
4.In-depth understanding of application security best practices, industry standards, and regulatory requirements (e.g., PCI DSS, HIPAA, GDPR).
5.Experience in leading and managing a team of security professionals, providing guidance and support in a dynamic environment.
6.Proficiency in security assessment tools and techniques, such as static analysis, dynamic analysis, and manual code reviews.
7.Familiarity with secure coding practices, frameworks (e.g., SDL, BSIMM), and secure development methodologies (e.g., DevSecOps).
8.Strong knowledge of network protocols, web technologies, and common application architectures.
9.Excellent problem-solving and analytical skills, with the ability to assess complex situations and provide effective solutions.
10.Strong communication and interpersonal skills, with the ability to communicate complex security concepts to technical and non-technical stakeholders.
11.Relevant certifications, such as CISA CISSP, CSSLP, CEH, or OSCP, are highly desirable.
12.Experience in cloud security, mobile application security, or secure coding training is a plus.
13.Business level English and Japanese.
■職種未経験者:不可
- 年収
- 1000万円 - 1400万円
- 語学力
-
英語力:中級以上
- 受動喫煙対策
- 就業場所 全面禁煙
- 受動喫煙対策詳細