Information Security Specialist (Governance and Compliance)


About the company
With the mission to change the world by changing the conventional beliefs of clothing, the company provides quality clothes at a great price. The company is trying to share the joy of wearing quality clothes to people all over the world.

The company operates a wide brand portfolio, with 8 different fashion brands. Their flagship brand, known for their high quality everyday comfort, operates globally and is responsible for their own manufacturing process: from procurement and design to production and retail / ecommerce sales.

The company aims to become the world's number 1 apparel retailer, and plans to strengthen their global presence in 2020. To do so they have been very aggressive in acquiring foreign clothing brands and further expanding globally. They have been making a lot of innovation in the way that factory and manufacturing line works as well as logistics line so that they can deliver the clothes to the customers in very prompt manner.

Corporate profile:
Established back in 1960s
The number of employees are over 56,000 2020/2/29
Corporate Culture
There are many talented employees from all over the world. There are variety of works/projects that you will be involved in and you have to be flexible and are very good at communicating with other people in order to be successful in the company. The company is very fair in promotion and reflect your performance in promotion as well as in bonus.
The company encourages people to aim high as the company still maintains entrepreneurial spirit. For bonus and promotion, people who set higher goals will get better evaluations even if he/she did not necessarily achieve the set goals.
Global Aspects
  • Deal with global projects
  • Already foreign employee(s) working
  • Many employees speak English
  • Joint company/office overseas
  • International sales
  • Actively pursuing diversity at the work place
  • Market research overseas
Other details
  • Structured On-boarding after you join the team
  • Values clearly defined
  • Training opportunities
  • Clear career path
  • Japanese lessons for foreign employees
‐ Essential duties and responsibilities include;
‐ Establish and maintain an information management and protection framework for an effective enterprise wide Governance Program; serve as a consultant to business-area leaders
‐ Manage day-to-day activities, including policies, procedures, training and communication regarding the Governance Program.
‐ Identify, track and oversee internal and external compliance and regulatory requirements (PCI, GDPR, Data Privacy, etc.) for the organization including compliance with established policies, procedures, standards, baselines and controls.
‐ Identify, monitor and manage risks to the organizations physical and electronic information assets. This includes the execution of periodic audits, risk assessments, maintaining a risk register and documenting the decisions that result in the assumption of risk for a decision, initiative or activity impacting physical or electronic information assets.
‐ Establish the strategy and program to maintain resilience / recover critical business functions and platforms impacted by Information Security incident or natural disaster. Work closely with the IT, Business Continuity and Disaster Recovery Teams.
‐ Maintain an enterprise wide, cross functional incident response plan is tailored to information security threats and scenarios / critical assets of interest. Train and test key stakeholders on periodic basis.‐ Performs other duties as assigned.

※Please note that the position is only for those who are currently residing in Japan only
‐ Minimum of 3 years of experience in Information Security governance and compliance as indicated in “Essential duties and responsibilities”
‐ Audit and/or risk assessment experience with information security governance frameworks such as NIST, ISO27001, and COBIT.
‐ Working knowledge of applicable laws, regulations, and standards relating to security and data privacy such as PCI-DSS, GDPR, J-SOX, Japanese Privacy Law.
‐ Adequate IT knowledge and experience to communicate with IT department regarding security requirements and design.
‐ Excellent communication skills – verbal and written both in Japanese and English.
Japanese Level
  • Business
Type of people (Personality)
Annual Expected salary (Minimum)
Annual Expected salary (Maximum)
Transporation cost coverage
  • up to 20,000JPY
  • Yes
  • End of Year and New Year Holiday
  • Saturday
  • National Holiday
  • Sunday
  • Worker’s Accident Compensation Insurance (労災保険)
  • Health Insurance (健康保険)
  • Unemployment Insurance (雇用保険)
  • Welfare Pension Insurance (厚生年金保険)