Cybersecurity Compliance Analyst

Summary:

Hitachi Ltd. is seeking a highly diversified Cybersecurity Compliance Analyst to join the Information Security and Risk Management Division (ISRD)’s America Branch. The ideal candidate will possess hands-on experience in cybersecurity-related audit/assessments for different industries, as well as an understanding of the evolving threat landscape and technologies. This role requires a proactive individual with excellent communication skills to collaborate effectively with stakeholders across various subsidiaries and departments in the Americas region.

Responsibilities:

1. Security Assessment: Perform an assessment of subsidiaries’ current information security management system, infrastructure, data flow/management, network/identity access control, vulnerability management, etc. Document findings such as security risks, vulnerabilities, and threats, and advise possible improvements to enhance the overall cybersecurity posture.
2. Compliance and Governance: Assist subsidiaries in ensuring compliance with relevant regulations and standards and promote governance frameworks to manage information security risks effectively.
3. Communication and Awareness: Work closely with stakeholders across departments and subsidiaries in the Americas region as well as with other regional branch members to foster a culture of cybersecurity awareness and collaboration, including sharing security best practices and experiences. The candidate will also support bi-annual educational workshops or meetings for the Americas Region.
4. Keeping up with Cybersecurity Trends: Stay informed about the latest cybersecurity trends, threats, and technologies to continually enhance the organization's security posture and practices. This will include attending educational workshops/seminars, reviewing publications, and participating in security communities such as ISACA, ISC2, SANS Institute, etc.

Qualifications:

• Bachelor’s degree in computer science, Information Systems, or equivalent education or work experience
• 4+ years of experience in Security Audits and Assessments of various-sized organizations in different industries
• Knowledge of relevant regulations and standards (e.g., GDPR, ISO 27001, NIST, FERPA) and experience in ensuring compliance within a multinational environment.
• Knowledge of desktop, server, application, database, network security principles for risk identification and analysis
• Strong analytical and problem-solving skills with the ability to assess and mitigate security risks effectively.
• Excellent written, presentation and communication skills with the ability to effectively convey complex security concepts, issues, incidents, etc., to both technical and non-technical stakeholders.
• Ability to work independently and collaboratively in a dynamic and fast-paced environment, managing multiple priorities effectively.
• General understanding of Cloud and On-Prem Security Architecture
• OT and product security knowledge or working in such an environment is a plus
• General understanding of the impact of economic, cultural, geopolitical events in relation to cybersecurity trends/motives
• CISA, CISSP, CISM, CRISC, or other relevant designation preferred
• Proficiency in Japanese reading/writing would be a plus

Other Requirements:

• Accommodate weekly meetings with ISRD in the evenings and quarterly Regional meetings (times rotate between US/Japan/UK)
• Infrequent travel within the Americas region is to be expected, with a possible opportunity to travel to Japan.