Ensure Information Security compliance and business conduct of Europe’s (KEU) in line with current company’s group policies and legal requirements.
Reduce probability of cyber incidents, which could have substantial impact on the Company’s business operations, reputation and the customers.
• Analyse KEU and branch offices Information Security strategies, policies, procedures etc., and implement them in the UK as well as Belgium, Netherlands, Turkey and Russia (the group companies).
• Monitor and report all IS issues within KEU, the group companies and the HQ based in Tokyo.
• Proactively lead the Incident Management processes to restore a normal service operation as quickly as possible to minimanise impact on business operations.
• Work closely with KEU customers and provide support on all IS issues including revision of policies and practices and provide customers with advice for improvement.
• Communicate to customers impact of the IS threats and assist them with implementation of new or revised procedures and/or IS plans in order to meet their needs.
• Conduct KEU and customers audits, provide all parties with guidance on IS and changing trends / legislation.
• Be first point of contact to all IS related enquiries from staff and customers.
• Actively participate in IT Risk Assessment by identifying and cataloguing information assets, identifying threats and vulnerabilities, analysing internal controls, determining the likelihood of an incident occurring again, assessing impact the threat may have on business operations, prioritising risks to IS and designing controls.
• Design, implement and review internal and external system security assessment support.
• Systematically assess KEU’s and the group companies IS management process in line with the ISO 27001 certification through internal audits.
• Revision of customers ISO 27001 if necessary.
• Review, assess and audit new and existing suppliers.
• Design and implement IS training for KEU and the group companies as well as customers if necessary.
• Provide IS induction and training to new employees and ex-patriates.
Ad hoc requests from your line manager
Experience and skills required
ISO 27001:2013 management experience
General IT security knowledge such as (D)DOS, BEC, APT, SPF, IDP, PKI and E2EE
General IT system experience such as AD, DNS, Email, DB and Firewall
General IT understanding such as Windows event log, system audit log, domain records, authentication, L2/L3 networking and remote access
Ability to appreciate to work under the corporate governance of KDDI Corporation in Japan
Administration skill to create, organise and maintain records
Information Security or IT certifications such as ISO auditor, implementor, CISSP, CISA, CISM, CCNA etcFluent in Japanese in both writing and speaking