Information Security Consultant

ELEKS is expanding in Japan and looking for an Information Security Consultant in Tokyo to assist with development and delivery of Security Services on a local market.

The new team member will be responsible for leading the communication with Japanese clients and assist with the delivery of services on cybersecurity projects (consulting, security testing, Governance Risk and Compliance (GRC) solution implementation). We are looking for a self-motivated expert in the information security compliance domain with good communication skills. The key ability would be to ensure our services are tailored to local client needs and presented/communicated effectively.
You will cooperate closely with the EU Security Services department and work in a dynamic, supportive, friendly environment where your capabilities and input really matter.

Qualifications

• Knowledge of Japanese market for security services
• Experience in developing / maintaining ISMS
• Knowledge of security frameworks / standards (e.g. ISO 27001, P-Mark, SOC2, NIST, PCI DSS, etc.). Ability to conduct readiness / gap assessments, provide recommendations
• Understanding of GRC framework and tools
• Understanding of secure coding practices, ethical hacking, threat modeling, secure SDLC process
• Understanding of DR / BCP standards and best practices
• Understanding of security testing services, no practical experience required
• Experience in defining security requirements as well as evaluating and selecting appropriate information security controls.
• Understanding of IT and information security trends, challenges
• Knowledge of security vendors, systems and solutions
• Ability to deal with incomplete, poorly defined or undocumented requirements.
• Technical writing

• Strong analytical and conceptual skills balanced by broad perspective on how security efforts to support realization of business goals
• Critical thinking and problem-solving skills
• Planning and organizational skills
• Strong project management, written and oral communications skills
• Ability to work close with a broad range of stakeholders

• Preferably technical university degree (information or cyber security, computer science etc.)
• Information security courses/certifications are desirable (ISO27001 Lead Implementer, CISM)
• English – upper-intermediate (spoken and written)

• Preferably 4+ years of experience in information security
• Preferably 2+ years of experience in ISMS implementation
• Preferably 2+ years of experience in audits

• Self-motivated personality
• Eager to learn and deliver results
• Attentive to details and striving for continuous improvement
• Professional and positive approach

Key Duties and Responsibilities

• Assist sales team in capturing the client information security needs during the pre-sales, match them with ELEKS security services and assist in creation of proposal, where necessary
• Providing the feedback for ELEKS security services with the aim to customize them for Japanese market and expectations of local clients
• Assist with implementation activities for eCAP roll-out at ELEKS and on commercial projects. eCAP is a Governance Risk and Compliance (GRC) tool covering Information Security, Privacy and Business Continuity standards/frameworks
• Research new country-specific and regional standards/frameworks/regulations as per client needs
• Provide Information Security Management System (ISMS) consultancy for clients, analyze client documentation and propose/introduce improvements, where appropriate. This includes adherence to international and Japan-specific standards, such as ISO 27001/2, ISO 22301, P-Mark, NIST 800-53
• Determine the most effective way to protect organization’s assets against possible attacks. Develop rigorous “best practice” recommendations to improve security on all levels
• Conduct the workshops/training for clients covering eCAP functionality and ISMS best practices
• Develop both high- and low-level action plans for implementation of the information security policies and procedures maintaining the proper balance between business priorities, information security risks, and cost of controls implementation for the organization
• Conduct risk assessments, maintain data privacy documentation and perform other ISMS  activities
• Participate in Business Continuity (BC) / Disaster Recovery (DR) planning and testing
• Conduct ISMS audits for clients by preparation of the audit checklists, coordination of audit activities, collection of evidence, conducting the interviews and preparation of audit reports
• Coordinate the process of the implementation of the corrective actions to address nonconformities found during internal and external information security audits
• Support communication on security testing (vulnerability scanning, penetration testing) project by presenting the results of testing to customers
• Occasionally participate in pre-sale activities for application development services as Secure Software Development Lifecycle (SSDLC) subject-matter expert
• Assist Project Managers (PM’s) in managing the communication and approval of project artifacts with the clients
• Research security vendors, standards, security systems and solutions

What will you get with ELEKS

• Close cooperation with a customer
• Challenging tasks
• Competence development
• Projects from scratch
• Team of professionals
• Dynamic environment with low level of bureaucracy

ABOUT ELEKS

ELEKS is a custom software development company. We deliver value to our clients, thanks to our expertise and experience gained from working as a software innovation partner since 1991.

Our 2000+ professionals located in the Delivery Centers across Eastern Europe and sales offices in Europe and North America, provide our clients with a full range of software engineering services. These include product development, QA, R&D, design, technology consulting and dedicated teams.