Lead Information Security Analyst

• Provide inputs to the delivery roadmap, ensuring timely delivery in alignment with security and business objectives.
• Implement consistent Data Loss Prevention (DLP) solutions across channels (Email, Web, USB, etc.).
• Drive data discovery, classification, and labelling initiatives using tools like BigID, Microsoft Information Protection (MIP), and others.
• Develop automated workflows and processes for protecting data across both structured and unstructured sources.
• Implement data security technologies such as key management, encryption, masking, and tokenization.
• Design and manage PKI infrastructure, including certificate authorities (CAs) and certificate lifecycle management.
• Implement encryption for data-at-rest and data-in-transit, covering symmetric/asymmetric encryption, digital signatures, and hashing.
• Follow industry-standard practices for source code management, including versioning, branching, and centralized documentation.
• Align development efforts with Nomura's SDLC processes.
• Act as a Subject Matter Expert (SME) on data security, advising leadership and technical teams.

Required Knowledge, Skills & Experience

• 5+ years in IT Security, with at least 3 years focused on data security engineering.
• Hands-on experience setting up SDLC engineering activities, including CI/CD pipeline integration.
• Strong knowledge of coding best practices, version control, and documentation standards.
• Proficient with data security tools such as:
• BigID
• Microsoft Information Protection (MIP)
• Symantec DLP
• IBM Guardium (or similar)
• Expertise in:
• DLP, DRM, data classification, encryption, masking, tokenization
• Proficient in Python, PowerShell, Java, or C# for automation and development tasks.
• Experience with secrets management tools such as:
• HashiCorp Vault
• Conjur
• AWS Secrets Manager (or similar)
• Solid understanding of cloud security for AWS, Azure, and GCP.
• Good understanding of Japanese language – both reading and writing.

Beneficial Skills & Certifications

• Security certifications: CISSP, CISM, CCSP, or equivalent.
• Experience managing data security programs and strategic initiatives.
• Familiarity with security frameworks:
• NIST, ISO 27001, CSA, SCF
• Awareness of emerging technologies:
• AI and ML for security analytics
• Familiarity with SIEM platforms and incident management tools.

Personal Characteristics

• Strong interpersonal and influencing skills; self-starter.
• Committed to continuous improvement and professional development.
• Skilled at managing multiple concurrent tasks and setting expectations.
• High degree of integrity, professionalism, and attention to detail