Regional Chief Information Security Officer (CISO)

Regional Chief Information Security Officer (CISO) for Largest Financial Firms

Job Title

Regional Chief Information Security Officer (CISO)

Company Overview

One of the largest financial firms in Tokyo seeking a highly skilled and experienced Regional Chief Information Security Officer (CISO) to oversee and manage the information security strategy and operations for our Japan headquarters.

Your Role and Responsibilities

(Upon Employment)

• Global Collaboration: Work closely with the Group CISO to support and implement global security initiatives and policies.
• Strategic Leadership: Develop implement and monitor a strategic comprehensive information security and risk and control management program while maintaining and enhancing an information security management framework and all related policies and processes - according to the group strategy and roadmap. Protect company while reducing risk fulfilling compliance audit and regulatory requirements. Together with planning for budget associated to security activities in Japan.
• Partnership Collaboration: Liaise with relevant business units (such as Internal Audit Law Finance Safety & Security Risk Management HR teams) and external agencies as needed to ensure that the company maintains a strong security posture. Partner closely with all stakeholders including business stakeholders to identify business specific security requirements and implement them appropriately.
• Advisory Role: Provide leadership and guidance on information security topics advising and collaborating on security processes business continuity and disaster recovery plans. Assist with overall technology planning providing a current knowledge and future vision of technology and systems. Provide appropriate security controls for the business and Information Technology to ensure security policies processes and solutions are implemented on new products services and systems.
• Risk Management: Identify assess and mitigate information security risks across the region. Conduct regular risk assessments and audits.
• Policy Development: Create and enforce security policies standards and procedures to ensure compliance with regulatory requirements and best practices. Drive information security policies standards guidelines and oversee the dissemination of security policies and practices; identify knowledge gaps to increase the awareness of relevant information security practices across all Companys entities.
• Security Governance: Lead governance risk and control activity of Company in Japan by implementing business centric risk management. Manage third party stakeholders and associated risks.
• Compliance: Ensure compliance with regional and international regulations including data protection laws and industry standards.
• Security Awareness: Ensure that Company in Japan has a healthy security culture with appropriate understanding of culture and language. Develop and implement security awareness programs to educate employees about security best practices and emerging threats. Lead the key security awareness events in the Japan region.
• Reporting: Provide regular reports on the status of the regional information security program to senior management and the Group CISO.
• Cyber Threat Management: Monitor external threat environment for emerging threats and advise relevant stakeholders on appropriate courses of action in collaboration with the global Cyber Threat Defense team.
• Incident Response: Lead and represent regional management in the response to significant information security breaches and events in the region in conjunction with the Group CISO teams. Act as the point of contact for all cyber events regionally and manage the communication with management for incidents taking place in other regions.
• Cyber Simulation Tests: Run various security exercises such as cyber simulations. This also includes appropriate understanding of regulatory risks on company and measurements to counter the risks.
• Team Management: Recruit train and manage a team of security professionals. Provide guidance and support to ensure the teams effectiveness. Manage and develop security team for Company in Japan that is capable of adequately protecting the company. Leadership:
• Adheres to and promotes the company values and ethical framework ensuring that the team operates to the same code of conduct.
• Leads an environment where people management and development is a top priority. Empowers manages coaches and mentors direct reports and others in the organization and holds their teams accountable for strong people management practices.
• Brings diverse teams together to collaborate on topics in order to achieve optimal ideas and recommendations.
• Drives the achievement of high performance overseeing effective career management providing equitable opportunities driving succession planning and talent management processes to ensure continuous development of people capability & delivery of results
• Acts as a role model for own team communicating SMART business driven objectives at the beginning of the year ensuring every team member has regular continuous and constructive performance reviews encouraging career development and mobility nurturing talent and fostering diversity.
• Proactively manages tough people decisions to ensure people performance is aligned with organization imperatives and needs.
• Provides Regional view on people topics like talent skills seniority development promotion and compensation.
• Contributes to year-end compensation process hiring retention promotion and disciplinary actions.

Experience and Qualifications

• Bachelors Degree or Advanced degree
• 10 years of leadership experience in large complex and global organizations.
• Broad experience across business and infrastructure disciplines as well as regulatory interaction including regulatory portfolio management internal & external audit facilitation performance and risk assessment and technology & operational service delivery at both Global and Regional level.
• Experience evaluating and designing business and operational measures managing complex change agenda and driving strategy formulation and service delivery.
• Demonstrated executive experience leading a relevant business of similar size and complexity including significant leadership across multiple locations as well as non-staff resource allocation and leading through influence in a matrixed organization.
• Information security experience possessing a strategic and operational understanding of risk frameworks as well as regional trends and best practices for managing information security within large complex and global organizations.
• Ability to translate complex and technical security language and concepts into business risks and business cases.
• Ability to communicate with knowledge and credibility to all levels of management including appropriate management committees offering well considered information security solutions and recommendations.
• Demonstrated ability to develop strong relationships with regional external oversight and/or regional regulators.
• Japanese and English proficiency is critical as the position requires involvement with the global heads of security functions located in various regions.

Work Location

(Upon Employment) Tokyo
(Scope of change) Location as specified by the company

Salary

Up to 25M JPY

Details will be provided during the meeting.