Senior GRC Manager, Security Architecture & Compliance Section (RMI Security Eng. & Ops Dep)
Senior GRC Manager, Security Architecture & Compliance Section (RMI Security Eng. & Ops Dep)
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job Description:
About Organization
Security Architecture & Compliance Section is the Section that focuses on information security governance and compliance. Within this Governance Standards Compliance & Risk Section is the section that handles overall governance and compliance related to information security.
We are seeking a highly accomplished and strategic Senior Manager / Manager to lead our Governance Risk Management and Compliance function. The ideal candidate will possess extensive experience in building managing and maturing GRC programs with deep expertise across various domains and a proven track record of leading teams. This leadership role is responsible for defining and executing the organizations GRC strategy ensuring alignment with business objectives and the complex Japanese regulatory landscape and providing critical reporting to executive leadership and the board.
Job duties
Lead mentor and develop a team of GRC professionals fostering a culture of excellence collaboration and continuous improvement.
Define implement and continuously mature the organizations overall GRC strategy policies standards and procedures ensuring alignment with strategic goals and risk tolerance.
Serve as the primary point of contact for GRC matters reporting directly to executive management and the board of directors on the state of governance key risks and compliance posture.
Oversee and direct enterprise-wide risk management activities including the establishment of risk assessment methodologies identification of key risks (strategic operational financial cybersecurity regulatory) analysis and monitoring processes.
Establish and maintain a robust compliance program ensuring adherence to all applicable Japanese laws and regulations (e.g. Secrecy of Communication APPI cybersecurity regulations telecom-specific requirements) and international standards as required.
Direct the design implementation and evaluation of internal controls across the organization collaborating closely with internal audit IT and business units.
Lead the selection implementation and optimization of GRC technology solutions to automate processes improve efficiency and enhance reporting capabilities.
Develop and manage the GRC functions budget and resources effectively.
Oversee regulatory monitoring processes ensuring the organization is proactive in understanding and responding to changes in the legal and regulatory environment.
Champion and drive a strong GRC and risk-aware culture throughout the organization through effective communication training programs and engagement with stakeholders at all levels including senior leadership.
Manage relationships with external auditors regulators and legal counsel related to GRC matters.
Direct the preparation of high-quality insightful reports and presentations for executive management and the board on GRC program status key risks compliance performance and strategic initiatives.
Stay abreast of emerging GRC trends threats and best practices particularly those impacting organizations in Japan.
Minimum Qualification
Bachelors degree in Information Technology Law Finance or a related field. An advanced degree (Masters or higher) in a relevant discipline (e.g. MBA Cybersecurity) is highly preferred.
Multiple relevant professional certifications such as CISA CISM CRISC CISSP CGEIT or others demonstrating expertise in GRC leadership and domains are good to have.
10-12 years of progressive experience in Governance Risk Management and Compliance roles with a significant portion a leadership or management capacity responsible for teams and/or significant program components.
Proven experience leading and managing teams of GRC professionals including hiring performance management and development.
Extensive experience in designing implementing and managing enterprise-level GRC programs.
Deep and broad understanding across multiple GRC domains (e.g. security risk management compliance management policy management third-party risk business continuity information security governance).
Comprehensive knowledge and practical experience with the Japanese regulatory environment including financial regulations data protection laws (APPI) corporate governance codes and cybersecurity legal requirements.
Experience reporting to and advising executive management and boards on complex GRC matters.
Strong experience with GRC technology platforms; experience with specific leading GRC tools is a significant advantage.
Exceptional strategic thinking leadership and influencing skills.
Excellent verbal and written communication presentation and interpersonal skills with the ability to effectively communicate complex technical and regulatory information to diverse audiences including non-technical executives.
Demonstrated ability to manage multiple priorities projects and stakeholders in a fast-paced environment.
Languages:
English (Overall - 3 - Advanced) Japanese (Overall - 1 - Beginner)Required Experience:
Manager
Employment Type
Full-Time
