【KJ】 Director, Security Technical Engineer

Who We Are

At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl? We are always moving forward – always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities.

The Role

Are you passionate about cybersecurity and looking for an exciting role where you can make a difference? If so, we have an opportunity for you! As a Security Specialist at Kyndryl, you will play a crucial role in enabling and securing our customer organizations, cultures, and ecosystems. 

Your responsibilities will be varied and dynamic, spanning asset classification models, risk assessment reports, information security policies, security solution scenarios, implementation plans, organization models, procedures, security services, security effectiveness evaluation reports, and security awareness workshops. You will be tasked with configuring, monitoring, and managing the performance of networks to maintain the quality of services, while also protecting organizational infrastructure from malicious cyber-attacks.

As a key member of our team, you will assess, predict, prevent, and manage the risk of IT infrastructure and data, helping our customers stay ahead of the curve and ensure their systems are secure. You will develop and implement security policies and procedures, working closely with other departments to ensure that all security measures are in place and operating effectively.

But that is not all – at Kyndryl you will have the opportunity to explore innovation in CyberSecurity data science – taking information that has been gathered and looking for areas to have that “Ah Ha” moment. Drawing conclusions and patterns from the data across single and multiple clients. Creating new ideas in the area of risk management and risk quantification.

In addition to your technical responsibilities, you will also play a key role in raising awareness of potential security threats through technical security training on best practices. This is an exciting opportunity to help shape the culture of our clients' organizations and make a tangible impact on their security posture.

If you have a passion for cybersecurity – governance, risk and compliance, are looking for a challenging and dynamic role, and want to work with a team of like-minded individuals, then we want to hear from you! Join us as a Security Specialist and help us secure the future of our clients' organizations.

Your Future at Kyndryl
Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won’t find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here.

企業のお客様に対するオンプレ中心の境界型セキュリティからクラウドを中心とするゼロトラストアーキテクチャーへの移行を支援するシニア・プロフェッショナル・セキュリティエンジニアを募集します。
私たちKyndrylは、社会に必要不可欠なテクノロジー基盤をデザイン、構築、運用する会社であり、お客様のDX推進におけるセキュリティ戦略を実現・支援するために、特定ベンダーに依存しない最適なセキュリティソリューションをお客様へ提供することを重要なミッションの一つとしています。
このミッションを達成するために、今回の募集ではゼロトラストアーキテクチャを中心としたセキュリティ提案、設計、導入、移行をリードできるシニア・プロフェッショナル・セキュリティエンジニアを求めています。

＊ネットワーク, 認証認可, エンドポイント, SOC設計・構築の複数の領域のスキル・経験がある方を歓迎いたします

【業務内容】

・Kyndryl Japanのセキュリティデリバリービジネスの第一人者として、複雑な環境下での、高い要求レベルが求められるセキュリティプロジェクトの遂行

・あらゆる業種のお客様に対する、お客様ビジネス目標に寄り添うセキュリティソリューションの提案
・ゼロトラストアーキテクチャを中心としたセキュリティ設計、導入、移行のリード
・社内外のパートナーとの協業

【求める人材像】
・お客様志向の考えを持ち、お客様マネジメント層との会話や活動が実践できる
・案件をリードできるリーダーシップスキル
・会話の論理性（わかりやすい、説得力がある、納得感がある）

・Kyndryl Japanの仲間のロールモデルとして振る舞い、指導できること

Who You Are

You’re good at what you do and possess the required experience to prove it. However, equally as important – you have a growth mindset; keen to drive your own personal and professional development. You are customer-focused – someone who prioritizes customer success in their work. And finally, you’re open and borderless – naturally inclusive in how you work with others.

Required Skills and Experience

•2+ years of experience in more than one of the following GRC frameworks; enterprise risk management, internal audit, regulatory compliance management, policy management, third party risk management
•Working knowledge of common audit and compliance tools
•Experience in analyzing and translating business requirements into control objectives, designing security controls, and implementation within a security management cycle
•Excellent understanding of security standards and best practices e.g., ISO27001, NIST
•Experience in advising clients on one or more regulatory requirements (e.g.,HIPAA, PCI DSS, FBA, GDPR, DORA)
•Experience performing GRC maturity assessments
•Experience with coordinating SOC 2 and/or ISO 27001 audits

Preferred Skills and Experience

•Valid and current certification in: CRISC – Certified in Risk and Information System Controls ; CGEIT – Certified in the Governance of Enterprise IT ; CERA – Chartered Enterprise Risk Analyst; CISM – Certified Information Security Manager; CISA – Certified Information Security Auditor; CISSP
•Statistical analysis and models
•Basic skills in network, compute, cloud computing
•Understanding and daily use of Microsoft Office 365 Suite and other productivity tools (e.g., Excel, Word, PowerPoint, SharePoint) to accomplish audit and compliance related tasks
•Experience with project management and ability to manage security initiatives or projects

Required Professional and Technical Expertise :

This position requires Business level Japanese.
1. 以下のいずれかのセキュリティソリューション、製品に関する業務経験
・ネットワーク・クラウドセキュリティ(SASE, SWG, CASB, CSPM, WAFなどのうちいずれか)主なベンダー(Microsoft, VMware, Cisco, Paloalto, Zscalerなど)
・認証認可セキュリティ(IDaaS(IAM), IAP, ADなどのうちいずれか)主なベンダー(Microsoft, Oktaなど)
・SIEM、SOAR 主なベンダー(Microsoft, Splunk, Exabeamなど)
・セキュリティ監視・対応・SOC/CSIRT運用(SOC構築、運用やCSIRT, インシデント対応運用)

２. 経験
・企業IT環境におけるCloud,、ネットワーク、 サーバーなどインフラ導入に関する要件定義、製品選定、設計、構築、移行、運用のいずれかの経験

・ゼロトラストセキュリティ(IDaaS, SASE, エンドポイントセキュリティ, SIEM/SOARなど)およびセキュリティサービス(SOC, CSIRTなど)の企業IT環境への導入、運用リードの経験
・ITベンダーにおけるセキュリティエンジニアとしての5年以上の経験
・お客様、プロジェクトメンバー、各種ステークホルダーとのコミュニケーション・調整
・チームリーダー、プロジェクトマネージャーなどチームをリードした経験
・基本的な英語の読み書き能力(TOEIC 730点程度が目安だが、TOEIC受験経験は問わない)
 

Preferred Professional and Technical Expertise :

１.資格
・CISSP、Microsoft SC100、SC200、SC300、AWS Certified Security Specialty、情報処理安全確保支援士、CompTIA Security+、PMPなど

Being You

Diversity is a whole lot more than what we look like or where we come from, it’s how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we’re not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you – and everyone next to you – the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That’s the Kyndryl Way.

What You Can Expect

With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter – wherever you are in your life journey. Our employee learning programs give you access to the best learning in the industry to receive certifications, including Microsoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations.  At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed.

Get Referred!

If you know someone that works at Kyndryl, when asked ‘How Did You Hear About Us’ during the application process, select ‘Employee Referral’ and enter your contact's Kyndryl email address.