The global Director of the Information Security will provide effective leadership for the development, implementation and maintenance of all aspects of IT information Security and Compliance across all brands of the business.
The successful person will work collaboratively within the Information Security Office and across business units to establish an appropriate IT information security program that includes information security strategic roadmap; practices and standards; an impactful IT security awareness program; Information Security Incident Response Plan and management; Corporate IT Security Risk Assessments and penetration testing; and the development and maintenance of a supporting business technology architecture.
The new global Director of Information Security will be able to liaise with business unit leaders, IT, executive management, and the Board of Directors to communicate information risk as it relates to business value and the organizational goals.
Duties & Responsibilities:
- Work effectively with the IT leadership team to develop and maintain strong security procedures and best practices (including PCI DSS compliance), including coordination of information security and risk management projects with resources from the IT organization and business unit teams
- Manage and mentor IT Security Resources and IT Security Coordinators globally.
- Manage and update IT information Security Awareness Training programs.
- Manage company-wide IT security risk reviews and assessments (annual and ad hoc)
- Provide regular reporting to the Information Security Office and Information Security Steering Committee(s) in areas of responsibility, including the IT Security roadmap program of projects, PCI DSS compliance, current and potential cyber risks. Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.
- Manage and strengthen the IT Security Incident Response Plan.
- Partner with Security Operations Center, SOC (when implemented) to assess cyber security risks and assist with developing a response strategy. Participate in cyber security meetings.
- Meet with Internal Controls and Internal Audit for regular IT/Internal Controls updates.
- Develop, maintain, and operate systematic security tools, such as penetration tests and monitoring of security controls.
- Ensure that senior management is aware of any network or system activities that could impact business continuity. Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.
- Proactively evaluate the risks in new and current systems in regards to potential security issues and recommend alternatives.
- Performs additional duties as requested or required.
Knowledge, Skills & Abilities:
- BS degree in Computer Science, or Information Systems, or equivalent is required. Advanced degree and security certifications (e.g. CISSP, CISM) would be ideal.
- Minimum 8-10 years of experience in a program management or operational leadership role; minimum of 5+ years of experience with information security standards, including PCI DSS; 5+ years of experience security governance and IT security awareness training
- Strong Japanese and English verbal and written communication.
- Excellent interpersonal skills: negotiation skills, conflict resolution, relationship building and listening, and strong analytical and reasoning abilities, including troubleshooting, planning, organizing, decision making abilities, willingness to learn and the ability to multi-task with attention to detail and deadlines.
- System & network knowledge - creativity in problem solving and developing means to identify, monitor and respond.
Founded in 1948, Robert Half pioneered specialized recruitment services and today is the world's leader in placing accounting, finance, banking and technology professionals.
In Japan, Robert Half operates Robert Half Finance & Accounting, Robert Half Financial Services, Robert Half Management Resources, Robert Half Technology and Business Transformation.