Paidy Inc/Paidy合同会社
Financial Services
GRC & Cybersecurity Lead
“GRC & Cybersecurity Lead at Paidy Inc/Paidy合同会社. Skills: GRC, Cybersecurity, IT risk management, Information security, IT audit, SOC 2, SOC 1, ISO 27001, NIST CSF, Japanese regulatory requirements, AWS. Drive the roadmap toward Type 2 attestations. Develop and maintain security policies, standards, and procedures in collaboration with key stakeholders”
What You'll Achieve.
Drive the roadmap toward Type 2 attestations
Industry & Context.
Must be eligible to work in Japan
What They're Looking For.
Must Have
- 7+ years of experience in IT risk management, GRC, information security, or IT audit
- Demonstrated experience with SOC 2, SOC 1, ISO 27001, NIST CSF, and Japanese regulatory requirements (APPI, Installment Sales Act)
- Hands-on experience with GRC tools (RSA Archer and/or Vanta strongly preferred)
- IT knowledge across Cloud (AWS required), Application, Software, Hardware, and Networking technologies
- Experience conducting IT audits and working with audit management tooling
- Demonstrated ability to build automation using scripting languages, workflow tools (e.g., n8n), or AI
- Experience working with Atlassian Jira and Confluence in a compliance or security context
- Ability to lead and influence cross-functional teams without direct authority
- Business-level Japanese (spoken and written) required
- Business-level English required
- B.S. in Information Security, Computer Science, or a related field, or equivalent practical experience
Nice to Have
- JLPT N1 or equivalent Japanese language proficiency
- Experience working within a corporate group or parent-subsidiary security structure
- Familiarity with the Japanese financial services regulatory environment
- Experience communicating security and risk topics to executive or board-level audiences
What You'll Do.
Drive the roadmap toward Type 2 attestations
Develop and maintain security policies, standards, and procedures in collaboration with key stakeholders
Deliver compliance reporting to management and regulatory authorities as required
Conduct IT audits and manage audit tooling to ensure continuous audit readiness
Translate parent company requirements into local policy and implementation
Partner with business units to ensure GRC and cybersecurity considerations are integrated into projects and daily operations
Deliver security awareness and compliance training programs for employees
Act as a key liaison for cybersecurity-related matters with internal stakeholders
How You'll Work.
Team & Collaboration
Collaborate with key stakeholders; Partner with business units; Lead and influence cross-functional teams without direct authority; Communicate security and risk topics to executive or board-level audiences; Acknowledge and gather the power of others, by communicating and collaborating with them
Communication Scope
Business-level Japanese (spoken and written) required; Business-level English required; Experience communicating security and risk topics to executive or board-level audiences
How to Apply on Greenhouse
- Create a Greenhouse profile before applying — it saves time across multiple applications.
- Upload your resume as a PDF; the parser handles it better than Word.
- Answer all knockout questions carefully — wrong answers auto-reject before a human sees you.
- Enable email notifications to track application status in real time.