Note: Applicants must have permission to work in Japan
Global Software Company
We are seeking a regional privacy operation manager who can lead the privacy operations for Japan and South Korea. As a privacy operation manager, your primary role is to identify privacy risks and implement and maintain risk-mitigating controls, in collaboration with the related global security and privacy risk functions. Also, you are expected to be a trusted advisor/consultant for any business functions in Japan and South Korea, in terms of privacy operation. Key functions include understanding of local and global privacy regulatory/compliance requirements, maintaining local privacy guidelines and rules, ensuring the employees' awareness towards privacy, conducting privacy assessment on third parties, and responding to incidents and inquiries. There is a possibility that you might be involved in Japan/ South Korea-specific enterprise risk management activities in the future.
- Partner with Privacy Legal, IT, Enterprise Security, Marketing, and other stakeholder teams to ensure that required privacy controls are properly in place in Japan and South Korea.
- Implement necessary controls to protect the company's information in compliance with the requirements by the related laws and regulations as well as the security and privacy standards, in collaboration with the related global functions.
- Create and maintain local privacy guidelines and rules in alignment with the related global policies and standards.
- Provide awareness activities towards security and privacy to the employees in Japan and South Korea, including regular internal training.
- Conduct third party assessment in terms of their security and privacy controls.
- Respond to and manage security and privacy incidents, including the notification to the related external authorities.
- Respond to inquiries from internal business partners as well as external individuals on our security and privacy operations, and recommend and participate in the improvement processes.
- Respond to the internal / external privacy related audits, that includes providing required evidence and getting interviews by auditors.
- More than 5-7 years of experience in privacy or information security area.
- Prior experience in maintaining privacy program including incident response, risk assessment, creating internal policies, and providing training.
- Experienced in leading the implementation of new privacy controls or improving existing controls as needed by involving related functions.
- Knowledge of privacy and security related regulatory compliance requirements, such as the Japan Privacy Law and the related guidelines, GDPR, ISO 27001, etc., and ability to quickly learn and understand any changes in a dynamic environment.
- Ability to make effective proposals for necessary changes in privacy controls/activities, based on the changes in related laws and regulations, as well as the market needs.
- Ability to operate autonomously to get things done in a given timeline, and lead meetings and projects with high-level direction.
- Analytical thinker, highly organized, detail-oriented, ability to multitask
- Possess a "whatever it takes to get the job done" mentality (i.e., pick up the phone, stop by a desk, follow-up multiple times, etc.)
- Excellent verbal and written communication skills for stakeholders at all levels and all functions of the organization
- Strong sense of compliance / risk management.
- Fluency in both spoken and written Japanese, and business level in both spoken and written English
[Preferred Knowledge, Skills and Abilities]
- Prior experience in leading and managing a project in security or privacy related projects.
- Prior experience in renewing and maintaining Privacy Mark.
- A proactive goal achiever who innovates to go above and beyond expectations, and is comfortable working in a fast-paced and dynamic environment incorporating constant change in priority.
- CIPP, CIPM, CISA or CISSP certified.
- Knowledge of or experience in working with any of security risk management frameworks.
(Experiences and skills will be considered)
Please click "apply" if you are interested in the job.
We will review your profile and contact you within five business days should we find that you satisfy the requirements of the hiring company.
Further details about the company and position will be notified at a later date.