【アマゾンジャパン合同会社】Security Compliance Specialist, Amazon Stores Security
仕事内容
説明
Are you interested in driving exceptional security for customers? Do you see information security as a business enabler? Amazon’s Stores Security organization is seeking an experienced Security Compliance specialist. As part of the Amazon Stores Security Office of CISO Japan team, this role will build the bridges between security, technology, and compliance by working across remote and local teams within Amazon Security organization, healthcare business teams, and related Amazon corporate teams. This candidate should be an innovative security/compliance professional who has the ability to dive deep into a variety of complex issues, understand IT processes, and drive compliance assessment to existing and emerging Japan healthcare information security standards.
The ideal candidate will have strong leadership and problem-solving skills, excellent communication skill, and effectively work with cross-functional Amazon teams to support service build-up, service launch and on-going service operation activities.
Key job responsibilities
This position will be responsible for:
- Establish credibility and maintain strong working relationships with groups involved with information security matters (Legal, Amazon Japan Business Entities, Product Management, Security Assurance, Amazon Healthcare compliance, Application Security, Third Party Security, etc.), supporting their security/compliance questions and documents.
- Manage healthcare application compliance assessment. Manage the readiness efforts of services for Information Security Management System (ISMS) certification, 3 ministries’ 2 guidelines (3M2G) to handle medical information, medical cyber security checklists, and/or audit requirement in Japan, and determine scope for healthcare related compliance assessment activities.
- Test services annually against laws, regulatory guidelines, and security standards. Perform written regulated service impact assessments relevant to healthcare business in both English and Japanese, and track corrective actions and re-test if necessary.
- Assist stakeholders and Amazon Japan employees aligning with standard operating procedures, controls, monitoring, and reporting with the goal of improving operations, compliance policies, and risk management.
- Provide on-going Security and Compliance consultation of business operation and incident management via requested tickets.
- Support internal information security training development as well as managing engagement of Amazon Japan employees/officers taking external trainings required by regulators if any.
A day in the life
- Engage with regional business and technical stakeholders to identify security needs, and maintain a good understanding of the Japan healthcare regulatory landscape impacting business
- Determine strategy for highly sensitive and/or high-profile healthcare compliance assessments
- Maintain metrics on security and compliance, prepare reports for senior management on the state of security in region, and continuously improve the compliance posture of the healthcare business by reducing the number of repetitive defect findings identified cycle over cycle
About the team
Regional Security Teams (RSTs) operate locally and stationed teams in complex regulatory environments like China and Japan to provide region-specific compliance support and first-line security functions where a dedicated security team does not already exist. Our foray into the latter is driven by our proximity and relationships with business and country leadership, language requirements, and regulatory expectations that are tied to the broader retail/marketplace domain.
We are open to hiring candidates to work out of one of the following locations:
Tokyo, 13, JPN
応募資格(必須経験など)
基本条件
- Bachelor's Degree in Computer Science, Engineering, Information Systems Management, Information Security or other related fields
- 3+ years of experience in project/program management, developing and maintaining stakeholder relationships across large organizations
- Experience in working directly with auditors/regulators in support of compliance audits for ISO and other compliance regimes
- CISSP/CISA/CISM certification is a plus
- Fluency in both Japanese and English languages with sufficient writing skill
歓迎条件
- 5+ years of experience as a technical program manager in security/software/web development organizations
- 5+ years of experience in performing and/or participating in technical assessments in direct support of a major compliance effort (PCI, SOC, ISO and other compliance regimes)
- 5+ years of experience in performing technical security assessments and audits of network, operating systems, application security, and auditing IT processes
- A record of delivery of large IT process improvement projects with technology processes and/or major tech companies
- CISSP/CISA/CISM certification preferred
Please check the website below for measures to eliminate unwanted second-hand smoking in each facility:
https://www.amazon.jobs/en/landing_pages/passivesmoking
就業の場所における受動喫煙を防止するための措置に関する事項については、下記リンク先をご覧ください。
https://www.amazon.jobs/jp/landing_pages/passivesmoking
The salary information can be provided individually prior to the 1st interview
賃金に関する条件は、1次面接の前に個別にご案内することができます