ビー・エム・ダブリュー・ジャパン・ファイナンス株式会社/ BMW Japan Finance Corp.
Senior Specialist, Information Security and Data Governance (SF3-JP-S-5)
職務内容
Job description
Information Security

Ensure Information security at the company by following the guideline and policy, understanding Head Quarter (HQ) requirements and setting and implementing measures.
For example, following tasks need to be performed:
 Information Protection
- Checking information classification document (ICL), Information lifecycle management (data retention management) etc.
 Data Privacy Protection
- Conduct Information Data Protection (IDP) annual review (Storing all IDPs in the system, analyses and implement identified actions to reduce IDPs with line functions, closing all open measures) and check/follow-up Privacy Impact Analysis (PIA) etc.
 Data Leakage Prevention
- Manage USB lock
 Provider & Dealer Security Management
- Checking Provider Security Assessment, Information Security requirements for providers & vendors etc.
 Security Culture & Awareness Improvement
- Running security campaigns and trainings
 Cyber Security
- Running trainings/campaigns to raise associates’ awareness regarding cyber security
 Identity & Access Management
- Managing RoMa (access management system) enrolment and segregation of duties etc.
 Development & Operations Security
- Checking IT system ICL, IT conformity statement, Penetration testing. Follow up those security measures on the applications, and report the status to Compliance Steering Committee etc.

Data Governance

Ensure Data Governance at the company by setting local governance framework and guideline with Compliance team, understanding HQ requirements and defining actions and implementing them. For example, following items need to be implemented and operationalized:
 Risk Assessment
It needs to be performed in order to identify gaps from external / internal requirements regarding data governance.
 The Roles and Responsibilities for Data Governance
It needs to be defined, aligned the definition of a collaboration model (using RASIC) with other roles Information Security Officer, Customer Data Delegate, Data Privacy Protection Officer.
 Local Data Structure
 Process of Data Analytics
For example, a process which 1st and 2nd line of defense review the use cases needs to be defined. An escalation process for conflicting requirements is also required.
 Data Culture
In a written format a good data culture needs to be defined. Data Culture contains also Data Ethics as moral obligation of a company in the capture/ retention / utilization of data that is in line with corporate values.
 Training and Awareness
 Monitoring Activities for the Data Governance
Data compliance needs to be defined, executed and performed on a regular basis.


情報セキュリティ&データガバナンス担当者は、社内のガイドラインやポリシーで定められた事項に従って、各部署と連携し、組織全体で情報セキュリティ対策の実施、社員・職員に対する教育・啓蒙活動を行います。また、データガバナンスについては、コンプライアンス部門やGroup本社のデータガバナンスオフィスと連携しながら、情報を効果的かつ効率的に使用するための、プロセス、役割、ポリシー、評価指標の策定と実装を行います。

1. 情報セキュリティ・データガバナンス リスクアセスメントおよびリスク対応
2. システムへのアクセスマネジメント
3. 情報のライフサイクルマネジメント
4. システム開発におけるセキュリティ対策の確認
5. データガバナンスのポリシー、フレームワークの策定
6. データガバナンスに関する役割やプロセスの導入
7. データの品質確保
8. 情報セキュリティ・データガバナンスにおける本社およびリージョンオフィスに対するマーケットリエゾン、ベストプラクティスの共有
9. 情報セキュリティ・データガバナンスの啓蒙活動・社員教育       等

上記のほか、必要に応じて、プロセス・マネジメント&クオリティ部門で行っているその他の業務(業務プロセスの改善やデータ分析等)のサポート。
 
登録資格
Job qualification
 Bachelor’s degree required, Master’s degree is preferred.

 5 or more years in an information security and data governance related role
 Experience in banking/financial services and/or Information Technology is preferred

 Japanese and English native or fluent language skills
 Strong communication skills in writing, speaking, and presenting.
 Leadership in cross-functional organization, able to manage conflicts and to prioritize. Excellent coordination skill with many stakeholders is needed.
 Ability to work in fast-paced business environment with strong organizational skills. Time management to keep due dates of deliverables are essential.
 Self-motivated, results-driven and strong attention to detail.
 Willingness to challenge new things
 Strong logical and analytical thinking and structuring
 Good understanding of information security and data governance
 Good knowledge of financial service processes and business
 Excellence in Excel, PowerPoint and other Microsoft Office Software.


 学士号またはそれ以上
 情報セキュリティ・データガバナンスに関する知識(両方の知識があることが望ましいが、どちらかでも可)
 論理的思考能力
 クロスファンクショナルな組織におけるリーダーシップ
 高いコミュニケーション能力、プレゼンテーションスキル
 新しいことに挑戦するのを厭わないこと
 ビジネスレベルの英語および日本語(英語は海外とメールやTV会議等で議論できるレベル)
 MS オフィス(ワード、エクセル、パワーポイント)

<尚可>
 金融機関での実務経験
 IT部門での実務経験
 Tableau
 SQL
 
勤務地
Location 
Tokyo HQ (Shiodome)
東京本社(汐留) 


←職種一覧へ / Open Positions  ↑このページの先頭へ / Back to Top