Lead Analyst, Product Governance Risk and Compliance - Japan

Genesys empowers organizations of all sizes to improve loyalty and business outcomes by creating the best experiences for their customers and employees. Through Genesys Cloud, the AI-powered Experience Orchestration platform, organizations can accelerate growth by delivering empathetic, personalized experiences at scale to drive customer loyalty, workforce engagement, efficiency and operational improvements.

We employ more than 6,000 people across the globe who embrace empathy and cultivate collaboration to succeed. And, while we offer great benefits and perks like larger tech companies, our employees have the independence to make a larger impact on the company and take ownership of their work. Join the team and create the future of customer experience together.

Job Description 

About the Role  

This is a very dynamic high growth environment and requires being agile and flexible. Successful candidates for this role must be highly experienced in evaluating, ever evolving compliance requirements and conducting gap assessments, documenting compliance related governance documents (policies, standards etc.) and leading the third-party compliance audits end to end.  You will be mentoring a team of GRC analysts and also will be well versed with risk management and risk treatment methodologies working in a similar fast-paced organization. 

You are expected to have an understanding on Cloud SaaS technical environment (preferably AWS) and determine how our leading-edge technologies and controls provide satisfaction, compensation, or mitigation to the compliance standard requirements. Candidates is expected have skill set in managing audit programs in a global organization or audit program manager role.  This will also involve translating the compliance requirements into language Developers, DevOps, and Leadership can apply to our environments and working closely with cross functional teams spread across multiple geographies. 

Major Responsibilities/Activities 

• Proactively evaluate and advise the business on new and evolving certification programs, regulatory requirements, and technologies. 

• Lead comprehensive assessments of technical controls, information security policies and procedures against applicable regulations and compliance requirements. Assessments include GAP analysis, recommendations and prioritize enhancements to the security and privacy infrastructure to remove or mitigate risk.  

• Effectively communicate execution status, key accomplishments, and risks that impact Genesys Cloud’s ability to achieve or maintain compliance accreditations or certifications to management. 

• Evaluate and audit security control systems to address requirements. 

• Advise process/control owners with the preparation and on-going maintenance of controls and control documentation (e.g., policies, procedures etc.). 

• Provide expert guidance to Development & Operations on the appropriate selection, design, implementation, and configuration of security controls. 

• Identify control deficiencies and make appropriate recommendations and drive remediation of control deficiencies. 

• Proactively identify gaps or conflicts in existing processes and work to develop solutions with cross functional teams. 

• Lead and program manage Third- party compliance audits. 

• Collaborating effectively across multiple organizations with diverse personalities and expertise to drive to agreement on complex issues. 

• Revise and maintain a library of information security and privacy policies, standards and guidelines covering all areas within the environment. 

• Engage with Infrastructure and/or Architect Teams to assess the security risk of proposed projects and system/application modifications. 

• Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency. 

Minimum Requirements 

• 6+ years of related Governance Risk and compliance and/or security experience/ auditing / consulting field in above domains.  

• Working knowledge and prior experience in audit execution of a global security certification specifically ISMAP and other certification frameworks such as ISO 27001/17/18, PCI, SOC 1 / 2 and other international certification standards and frameworks.

• Detailed working knowledge of compliance frameworks (NIST 800-53 etc.). 

• Japanese language proficiency and experience working with regulatory agencies in Japan (IPA – Information Technology Promotion Agency) 
• Working with Global teams' ability to communicate in English (written and verbal); ability to communicate effectively across all levels of the organization. 

• Good understanding of security concepts and practical usage. 

• Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Software as a Service (SaaS), is a plus. 

• Working knowledge of GRC tools and technologies. 

• An up-to-date functioning understanding of current Cyber Security trends. 

• Experience managing multiple complex GRC projects simultaneously and good project management skills. 

• Prior experience working as a people manager. Ability to organize teams, define tasks to align with team and organizational goals, building accountability and a positive team culture with direct reports. 

• Proactive achiever and ability to operate autonomously with minimal guidance. 

• Comfortable working in a fast-paced, dynamic environment incorporating constant change as we grow. 

• Project Management experience/ Audit program Management skills 

• Analytical problem solver with strong organizational skills and eye for detail. 

• Prior Big-4 consulting experience or prior professional experience in similar cloud-based organizations is a plus. 

Desirable certifications 

• One or more Information Security Certifications: CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control)l, ISO 27K Lead Auditor/ Implementor or other security certification/accreditation. 

#LI-Remote

If a Genesys employee referred you, please use the link they sent you to apply.

About Genesys:

Genesys empowers more than 8,000 organizations in over 100 countries to improve loyalty and business outcomes by creating the best experiences for their customers and employees. Through Genesys Cloud, the AI-powered Experience Orchestration platform, Genesys delivers the future of CX to organizations of all sizes so they can provide empathetic, personalized experience at scale. As the trusted platform that is born in the cloud, Genesys Cloud helps organizations accelerate growth by enabling them to differentiate with the right customer experience at the right time, while driving stronger workforce engagement, efficiency and operational improvements. Visit www.genesys.com.

Reasonable Accommodations:

If you require a reasonable accommodation to complete any part of the application process or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you or someone you know may reach out to HR@genesys.com. You can expect a response from someone within 24-48 hours. To ensure we set you up with the best reasonable accommodation, please provide them the following information: first and last name, country of residence, the job ID(s) or (titles) of the positions you would like to apply, and the specific reasonable accommodation(s) or modification(s) you are requesting.

This email is designed to assist job seekers who seek reasonable accommodation for the application process. Messages sent for non-accommodation-related issues, such as following up on an application or submitting a resume, may not receive a response.

Genesys is an equal opportunity employer committed to equity in the workplace. We evaluate qualified applicants without regard to race, color, age, religion, sex, sexual orientation, gender identity or expression, marital status, domestic partner status, national origin, genetics, disability, military and veteran status, and other protected characteristics.

Please note that recruiters will never ask for sensitive personal or financial information during the application phase.