Job Title: Information Security Engineer

In today's dynamic digital environment, security is everyone's job. The Security and Trust Organization is at the core of making infrastructure more secure. Your involvement in this strategic and results-oriented team will enable you to be part of major objectives - to be the Number 1 Trusted Business partner to our customers.

The Global Cloud Compliance (GCC) group within the STO is responsible to drive Compliance certifications specifically our ISMAP efforts in Japan. This team is responsible for enabling and protecting Cloud sales for our Commercial customers, Japan Government and Federal agencies, as well as many international standards bodies. As an Information Security Engineer within the GCC group your primary role requires an in depth understanding of various security certification frameworks like AICPA SOC, ISO27001, ISMAP, and others.

• Partner with our clients to enable ISMAP Certification and more for SaaS offers
• Leverage commonalities between major certification programs to design, implement and drive adoption of Cloud Controls Framework (CCF)
• Support and drive the adoption of core services that together constitute a Common Security Tooling Stack
• Implement governance and tracking of SaaS offers Compliance targets
• Create and maintain centralized governance functions, e.g., information security and business continuity steering committees, risk assessments, policy/standards/exception management programs, etc. Using a hub (S&TO) / spoke (SaaS Offers) model

• Work with ISMAP certifications including documentation and on-going maintenance of the certification.
• Liaison with external auditor and other internal teams to support certification audits.
• Identify and drive process improvements
• Work directly with Japan IPA on ISMAP journey.

• 1-3 years of proven track record in related field such as IT Audit, GRC, etc.
• Hand on experience with AWS and other cloud environments
• Knowledge of Compliance frameworks is a must (e.g., ISMAP, SOC2, ISO)
• Knowledge of Core IT processes / services such as SDLC, Identity/User Access management, Vulnerability Management, Backup and DR processes will be useful
• Bachelors Degree with a focus in Information Technology / Computer Science or related field
• Excellent communications skill at all levels of the organization
• Ability to prioritize in a fast-changing environment
• Ability to balance multiple programs
• Excellent analytical skills
• It's critical that the person is a good team-player
• Relevant certifications like CISA, CISSP, CCSK, others, will be a plus.