IT: Other
Cyber Technical Director (aka Cybersecurity Technical Advisor)
Vice President / Executive Director
|
職務内容 Job Description
|
Overview:
Nomura is a global financial services group with an integrated global network spanning over 30 countries. Japan IT (Information Technology) is a diverse environment with employees of over 25 nationalities, who work on technical support, application development and implementation of system changes for Japan Retail Wealth Management Business and Global Wholesale (Global Markets and Investment Banking). Nomura provides competitive employee benefits, training and upskilling opportunities, and is committed to promoting diversity, equity and inclusion, employee health and well-being.
We are seeking a highly skilled and experienced Cyber Technical Advisor to join our team. The ideal candidate will provide expert and technical guidance on cybersecurity strategies, policies, technologies, and best practices to protect our organization’s information systems and data. This role reports directly to the Chief Information Security Officer (CISO). |
|
|
Responsibilities:
Cyber Technical Director is responsible for overseeing the development, selection, and deployment of security solutions, processes, and controls. This position ensures that said solutions, processes, and controls are optimized and working as intended. Furthermore, this position also supports the Group CISO in doing security research and development, product evaluations, consulting, project support, and provide an independent support to the Group Security Architecture and Engineering domain. The position acts as a hands-on contributor to various technical projects such as establishing a new SOC, developing new cyber threat intel dashboards, etc. The position is very hands-on and requires active involvement in IT and business projects to ensure security controls and processes are integrated prior to being moved into production. The ideal candidate has the ability to act as an individual contributor, operating in a matrix environment. He/She will work directly with the Group CISO, the Japan Head of Information Security, as well as the CISO’s Leadership Team. This position will also have an oversight and coordination role with our various security providers, contractors and consultants to ensure they operate per their contracts and SLA’s. He/She will assist with negotiations, POC’s, testing, etc.
<KEY JOB FUNCTIONS>
■Security Architecture & Engineering
・Test, select, architect, and deploy security appliances throughout the firm as needed and ensure they are fully operational.
・Act as a central advisor to the Information Security and Information Technology teams and offer solutions to applicable security risks and threats and ensure security solutions and processes are fully integrated prior to new services/products being moved into production.
・Establish the Security Service Desk (mainly located in India with a couple of people in Japan) to ensure the timely management of security requests through an automated ticketing system (will need to be implemented with Service Now including the creation of dashboards, metrics, etc.).
・Support the implementation of an overall application security architecture working with the Security Architecture Team.
・Once security architecture and assessment/testing work is completed on projects, including tool deployment, ensure that all required documentation (including roles and responsibilities) is in place to ensure the transition to the Security Engineering and SOC teams.
・Manage the security tool stack for the CISO team globally by developing procedures, engagement models with various IT teams (e.g., CTO, App Developers), and ensuring that we have the appropriate resources and training to support the tools.
・Support the management of the cyber vendors to ensure security tools are optimized.
・Provide technical support to the CTD (Cyber Threat Defense) and SAE (Security Architecture & Engineering) team in case of security incidents, fraud investigations, and forensics activities.
・Validate security technical documentation prior to being published.
■Strategic Planning & Management
・Provide tactical direction as to the overall security architecture of the firm including network and platforms.
・Participate and contribute to the Information Security strategy and roadmap to ensure that all cyber technical functions and activities are aligned with the CISO's strategy and supporting programs.
・Provide input to all status and management reports as needed by the CISO Team.
・Validate project plans and documentation for all projects involving the SAE and CTD teams.
・Contribute to all deliverables and remediation resulting from the work performed as part of the Information Security projects.
・Contribute to the implementation of a security R&D lab to perform all required security assessment, reviews, testing, etc. including evaluating, selecting, deploying and managing network and infrastructure security tools.
・Provide R&D and consulting support to the CISO Team, IT Team, and the business as needed.
・Contribute to the technical understanding and promotion of new and existing information security standards, solutions, and tools throughout the firm.
■Security Risk & Compliance Management
・Support the various audits, regulatory exams, assessments, etc. to ensure that all outstanding findings and gaps are resolved timely by IT and the business.
・Provide oversight to the continuous improvement initiatives within the CISO team to ensure that technical controls are in place and effective to preclude recurrences.
■Organizational Planning and Management
・Provide training and advice to less experienced staff and/or other non-security professionals (IT, branches, e.g.) as it relates to cybersecurity technical topics.
・Assist with general and financial administrative activities in collaboration with all team members.
■Collaboration
・Work closely with the Chief Information Officer (CIO) and Chief Technology Officer (CTO) to align cybersecurity initiatives with overall IT and business strategies.
・Collaborate with other security functions, including network security, application security, and data protection teams, to ensure a cohesive and integrated approach to cybersecurity.
・Participate in cross-functional meetings and projects to provide cybersecurity insights and recommendations.
・Support the CISO in developing and communicating the organization’s cybersecurity vision and strategy to senior leadership and stakeholders. |
|
登録資格 Requirements
|
Requirements: |
- Bachelor's degree or equivalent business experience in Computer Science, Database Administration, MIS or Electrical Engineering required
- Certified training in security management, risk and compliance solutions and practices. CISSP, CISA, CISM, GSEC, CRISC, or related certification(s) required
- 10-15 years’ work experience in Information Security and/or IT support, programming or operations required.
- At least 10 years’ hands-on work experience in Information Security including multiple security appliances.
- Requires knowledge of operating systems, relational database architecture, client/server technology, wide and local area networks, communications protocols, real-time systems, mission-critical systems, industry standards and regulations, and various types of computer equipment, operating systems, etc.
- In-depth and hands-on experience with cloud technologies, network security solutions such as Firewalls, IPS/IDS, Web Application Firewalls, Network Monitoring systems, VPN, etc.
- Strong analytical skills, problem solving skills and project management skills.
- Extensive training in engineering disciplines including systems programming, systems design, computer technology, and software disciplines.
- Operations management, project management, and system implementation management skills.
- Ability to influence the IT organization in integrating security measures and tools in their systems.
|
|
勤務地 Location
|
豊洲
|
|
|