IT: Other
Senior Cloud Security Architect
Vice President
|
職務内容
Job Description
|
1) Job/Group/Function Overview:
Nomura is an Asia-based financial services group with an integrated global network spanning over 30 countries. By connecting markets East & West, Nomura services the needs of individuals, institutions, corporates and governments through its three business divisions: Retail, Asset Management, and Wholesale (Global Markets and Investment Banking). Founded in 1925, the firm is built on a tradition of disciplined entrepreneurship, serving clients with creative solutions and considered thought leaders.
Nomura employs a robust IT Security department, members of which are located in all of its major regions, namely EMEA, Americas, India, Asia Excluding Japan (AeJ) and Japan. This team is responsible for designing, implementing and maintaining Nomura’s IT Security Policy and strategy within the Japan region.
The team’s focus is to serve as the single point of contact for all Information Security & IT Security related queries, concerns and technologies. The team provides a high standard of user and business support in a responsive and timely manner across all businesses, takes responsibility and ownership for maintaining the global/regional strategy, and delivers the operational deployment of global/regional security services in a manner consistent with the common business goals and objectives in the region.
|
| |
| |
| 2) Responsibilities: |
- Develop and maintain a deep understanding of the organization's cloud security needs
- Design and implement a comprehensive security architecture framework and reference architectures Cloud security.
- Continuously develop and mature the program and roadmaps in line with industry best practice and the evolving threat landscape.
- Develop and maintain security policies and standards for all cloud models
- Provide guidance and technical leadership to project teams to ensure security requirements are properly integrated into software development and infrastructure projects.
- Partner and collaborate with cross-functional teams including Cloud operations and engineering teams to identify and address Cloud security risks across the organization.
- Define cloud security solutions and patterns including secure authentication and authorization mechanisms for SaaS applications and integrations.
- Stay up-to-date with industry best practices and emerging trends in cloud security and incorporate them into the security architecture framework.
|
| |
| All team members will need to perform project management activities (Change the Bank (CTB)), as well as operational activities and support (Run the Bank (RTB)). |
|
登録資格
Requirements
|
3) Requirements :
<Mandatory> |
| Language Skills: |
- Japanese language skills are nice to have but not an absolute requirement for this role.
|
| |
| IT and IT Security Experience: |
- Established Cloud Security Architect with at least 10 years within the broader IT Security disciplines
- and technologies.
- At least 3-5 years of experience in cloud security architectures
- Experience with developing requirements and models for the future-state, current state and gaps in the different cloud models
- Cloud security architecture experience in applying enterprise architecture principles and methods in supporting IT programs and Projects
- Strong knowledge of Cloud services (AWS, GCP, Azure)
- Experience with compliance standards and regulations
- Knowledge of established information security frameworks and standards (i.e. NIST, ISO2700, CSA, SCF) and their application into diverse environments.
- Cyber Security related qualification (s) such as CISSP, CISM, CISA, CRISC
- Strong relationship, communication and stakeholder management skills. Ability to deal effectively with key stakeholders, internal and external to the Technology Division
- Ability to act pro-actively to ensure and effectively collaborate with regional and global counterparts
- Excellent interpersonal skills with the ability to build and influence; and self-motivated
- Committed to continuous improvement for team and self.
- Ability to run with a number of tasks concurrently and manage expectations appropriately
|
| <Preferred> |
- Any security certifications, such as: CISSP, CISM, CISA, Security+, CEH, CCSK, or similar industry recognized certifications.
- Project management certifications, such as PMP, Prince2, or CSM.
- Other best-practice IT certifications such as ITIL or COBIT
- Knowledge of controls frameworks such as NIST CSF, NIST SP 800-53, ISO 27001/2, CIS, and FISC.
- Experience working in a global team.
|
| Personal Characteristics: |
- Strong communication skills, ability to work comfortably with different regions.
- Good team player, ability to work on a local, regional and global basis and as part of joint cross-location teams and cross-functional teams.
- Ability to be pro-active and self-manage tasks through to completion.
- Able to perform under pressure.
|
|
勤務地
Location
|
豊洲
|
|
|
