Country Cybersecurity Officer

Responsibilities

Deploy governance & policy framework aligned with local legislation

  • Implement the Group Cybersecurity Baseline Policy and Framework
  • Control compliance with the Baseline Policy; conduct and support assessments and gap analyses
  • Monitor exceptions and remediation plans
  • Prepare and lead the ISO 27001 certification process
  • Provide support to Engagement Managers / Account Security Managers (if in place)
  • Work closely with the Data Protection Officer / Data Protection Champion
  • Manage (or monitor) the cybersecurity audits requested by customers and monitor that the engagement defines appropriate remediation actions
  • Define and monitor cybersecurity KPIs for the country

Organize and manage communication / awareness / education

  • Deploy local communication and awareness programs for all employees
  • Define and train relevant resources based on policies and guidelines (incl. delivery)
  • Deploy training programs to increase awareness of security issues
  • Act as Subject Matter Expert for regional cybersecurity regulation requirements
  • Ensure translation into the local language of any Group documentation / materials addressed to local employees

Monitor risks & threats to take preventative actions

  • Perform risk assessment for local internal applications / digital services
  • Support local entities / functions in assessing cyber risks for third-party suppliers
  • Maintain annual threat assessment report based on Group template
  • Actively monitor for potential threats in the local environment
  • Take necessary steps to address them based on Governance principles

Identify, control and report incidents

  • Act as escalation point for local client and staff-based security incidents
  • Lead remediation activities for security incidents
  • Represent the organization during the crisis communication process

Management involvement and reporting

  • Report to Country executive (CEO and/or COO / Country Manager)
  • Report to APAC CSO on compliance and major incidents and provide regular reporting
  • Own relationship with relevant national security agency
  • Implement and manage local GBL cybersecurity SPOC when in place
  • Organize a cybersecurity committee; participate in the Data Protection and Security Committee and the Business Continuity Management Committee

Expected certifications:

  • ISO/IEC 27001 and/or Privacy Mark
    • Responsible for first certification and/or renewal two times
  • ISO/IEC 27001 Lead Implementer or Auditor
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • CCISO Certification

Core behaviors:

  • Client value & Service Excellence
  • Collaboration
  • Continuous Learning & Self Development
  • Diversity
  • Flexibility
  • Initiative
  • Life Balancing
  • Living Capgemini values
  • Professional Integrity
  • Resilience

Language ability:
Japanese and English at fluent level

Location:
Tokyo

What we’ll offer you:
Professional development. Accelerated career progression. An environment that encourages entrepreneurial spirit. It’s all on offer at Capgemini. And although collaboration is at the core of the way we work, we also recognise individual needs with a flexible benefits package you can tailor to suit you.

Why we’re different:
At Capgemini, we help organisations across the world become more agile, more competitive and more successful. Smart, tailored, often-groundbreaking technical solutions to complex problems are the norm. But so, too, is a culture that’s as collaborative as it is forward thinking. Working closely with each other, and with our clients, we get under the skin of businesses and to the heart of their goals. You will too.

Ref:

2020-JP-113

Posted on:

December 21, 2020

Experience level:

Manager

Education level:

Bachelor's degree or equivalent

Contract type:

Permanent

Work location:

Tokyo

Department:

IT Solutions