Senior Cyber Security Consultant
ID: JR0032927
Job Title:
Senior Cyber Security Consultant
About Trellix:
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.
Role Overview:
You will be a professional services consultant for CSIRT support. You will report to Sr. Manager Professional Services.
仕事内容:
官公庁、重要インフラ企業、金融、製造業等のお客様に対するCSIRT支援(インシデントレスポンス含む)、SOC支援、セキュリティアセスメント、調査研究、脆弱診断、ペネトレーションテスト等の業務にチームメンバーとして従事していただきます。
ご自身のバックグラウンドやセキュリティキャリアの志向に応じて、マネージャと相談のうえ、上記業務のうち2-3領域をご担当いただきつつ、ご自身のセキュリティスキルの向上を図っていきます。
プリセールスからデリバリまでをご担当いただきます。営業部門と協力して提案を行うところから実際にデリバリを行うまでの案件の一連の動きにすべて携われる一気通貫の経験を積むことが可能です。
仕事は、プロジェクト単位です。3か月程度の短期のものから、数年に及ぶ長期プロジェクトに従事いただく可能性があります。3-4名程度のチームを組んで進めるものが多いです。
入社後、3か月はOJT期間です。マネージャやメンターからサポートを受けながら、参画いただくデリバリ案件やプリセールスにOJT期間を使ってキャッチアップ頂きます。
必要な経験:
7年以上の社会人経験
以下のセキュリティ関連業務(いずれか1つ以上)の1年以上の経験
CSIRT支援関連(規定類改定、セキュリティ計画策定、セキュリティ教育、セキ
ュリティヘルプデスク、インシデントレスポンス、フォレンジック、マルウェア分析等)
SOC支援関連(SIEMを使用したログ分析、パケット分析、脆弱性対応等)
IT/OT セキュリティアセスメント
サイバーセキュリティ・情報セキュリティに関する調査研究
脆弱診断、ペネトレーションテスト 等
業務経験
2年以上のシステム設計/構築、クラウド等のIT領域の業務経験(必須)
セキュリティ・コンサルティングを1年以上行った経験があると望ましい。
複数のセキュリティ・コンサルティング案件又は複数のセキュリティ関連業務のプリセールスを行った経験があると望ましい。
以下の資格・スキル:
サイバーセキュリティ、情報セキュリティへの高い学習意欲(必須)
顧客を含む関係者とのコミュニケーション・調整スキル(現時点では低くとも獲
得する意欲がある必要があります。)
基本情報技術者試験 合格(合格が望ましいですが、同レベルの知識レベルがあ
れば支障ありません)
ビジネスレベルの日本語能力(読み書き、スピーキング)は必須
ビジネスレベルの英語能力(読み書き、スピーキング)がある場合、望ましい。(入社する際に、英語に抵抗感はない程度であれば問題ない。)
Job description:
You will be engaged in tasks such as CSIRT support (including incident response),SOC support, security assessment, research, vulnerability diagnosis, and penetration testing for customers in government agencies, critical infrastructurecompanies, finance, and manufacturing industries as a team member.
Depending on your background and security career aspirations, you will be
responsible for 2-3 areas of the above duties to improve your own security skills after consulting with your manager.
Responsible for everything from pre-sales to delivery. It is possible to gain hands-on experience by being involved in the entire project from making proposals in cooperation with the sales department to delivering them.
Our work is on a per-project basis. There is a possibility that you will be engaged in a short-term project of about 3 months or a long-term project that spans several years. In many cases, a team (3-4 people) is formed to proceed.
Three months after joining the company is the OJT period. While receiving support from managers and mentors, you will use the OJT period to catch up on delivery projects and pre-sales that you participate in.
Required experience:
More than 3 years working experience.
At least 1 year of experience in one or more of the following security-related tasks
• CSIRT support (regulation revision, security planning, security education,
security helpdesk, incident response, forensics, malware analysis, etc.)
• SOC support related (log analysis using SIEM, packet analysis, vulnerability
response, etc.)
• IT/OT Security Assessment
• Investigative research on cyber security and information security
• Vulnerability diagnosis, penetration test, etc.
work experience
• More than 2 years of experience in IT area such as system design/construction,
cloud, etc. (required)
• One or more years of security consulting experience preferred.
• It is preferable to have experience in multiple security consulting projects or pre-
sales for multiple security-related services.
The following qualifications/skills
• Strong desire to learn about cyber security and information security (required)
• Communication and coordination skills with stakeholders including customers
(At the moment, it is necessary to have a desire to acquire at least.)
• Passed the Basic Information Technology Engineer Examination (passing is
desirable, but there is no problem if you have the same level of knowledge)
Business level Japanese proficiency (reading, writing, speaking) is required.
Business level English proficiency (reading, writing and speaking) preferred. (If you are not comfortable with English when joining the company, there is no problem.)
About You:
- Experience leading the team as a technical leader.
- Fluency in Japanese (Japanese skills are required to communicating with local customers, sales, support)
- Should hold Certified Information Systems Security Professional (CISSP) and one of the following certifications:
- GIAC Certified Forensic Analyst (GCFA)
- GIAC Certified Forensic Examiner (GCFE)
- GIAC Reverse Engineering Malware (GREM)
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)
- Certified Ethical Hacker (CEH)
- Computer Hacking Forensic Investigator (CHFI)
- Global Information Assurance Certification (GIAC)
- Project Management Professional (PMP)
Preferred Experience
- User education pertaining to information security
- Software development and programming experience
- Web application development experience
- Security consulting for government agencies and financial industry experience
- Troubleshoot software and hardware products
- Business sales & pre-sales experience-Previous consulting service experience
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.