【Organization/Team】
You will be joining the Internal IT team, which enables the effective use of technology for HENNGE's approximately 350 full-time employees. While our team’s core mission is to support the infrastructure for maximum organizational performance, your role is specialized to focus on governance, risk, and compliance (GRC).
We currently have an Information Security Lead who maintains our security posture and leads our ISO 27001 (ISMS) certification (including related standards like 27017 and 27018). We need you to be the dedicated Coordinator who manages the continuous cycle of compliance and evidence collection, freeing up our Lead to focus on strategy and architecture.
【Business Overview】
As the ISMS Coordinator, you will manage the procedural and documentation backbone of our information security program. You will be responsible for translating high-level security policies into manageable tasks, defining and tracking ownership across teams, and preparing the company for external audits.
The main duties are as follows. We are looking for someone who is proactive and uses critical thinking to ensure that our compliance efforts are efficient and aligned with business goals. In the future, we expect you to deepen your expertise in GRC, potentially growing into a management role within the governance track.
Specific business examples:
[Information Security & Compliance Coordination]
- ISMS Maintenance (ISO 27001/27017/27018): Drive the day-to-day execution of ISMS controls and continuous improvement tasks across all departments.
- Audit Program Coordination: Coordinate and execute internal security audits, manage the collection and review of required evidence from control owners, and actively participate in the preparation for external audits.
- Task Delegation & Tracking: Assign security management tasks (e.g., access control reviews, control validation) to owners, track progress, and promptly follow up to ensure timely completion.
- Documentation Management: Maintain and update core ISMS documents, including the Statement of Applicability (SoA) and security policies, carefully reviewing for accuracy.
- Risk Management & Incident Handling Support: Coordinate the collection of data and documentation for information security risk assessments and support the documentation of the incident response process.
[Training & Documentation Management]
- Support the coordination of security awareness training logistics for new and existing employees.
- Develop and maintain documentation and manuals related to security and compliance processes.
[Security Management Work]
- Analyze security policies and procedures and recommend improvements based on efficiency and compliance needs.
- Evaluate IT systems and workflows to ensure they support, and provide evidence for, all security controls.
【Required Skills】
- Must currently reside in Japan.
- 3+ years of experience in a role focused on Information Technology, Compliance, IT Audit, or Project Coordination.
- ISMS/GRC Experience: Practical, working knowledge of the ISO/IEC 27001 standard (or a similar framework like SOC 2, NIST, or similar regulatory compliance).
- Coordination & Administration: Proven ability to manage complex, long-term administrative tasks across multiple teams and stakeholders.
- Basic IT Skills: Proficient with Google Docs/Sheets (or Word/Excel) and comfortable with cloud services and SaaS environments (Google Workspace, etc.).
Bilingual:
- Japanese: Business-level proficiency
- English: Business-level proficiency
【Preferred Skills / Certifications】
- Professional certification such as CISA (Certified Information Systems Auditor) or ISO 27001 Lead Implementer.
- Experience using a GRC (Governance, Risk, and Compliance) platform (e.g., Vanta, Drata, Secureframe, etc.).
- Experience documenting and supporting external compliance audits.
- Project management experience.
【Ideal Profile】
We are looking for a candidate who is driven by continuous process improvement and clear communication:
- Proactive Driver: Someone who starts discussions, asks questions, takes action, and doesn't wait for the next instruction, instead finding their next task by learning and observing our environment.
- Critical Thinker: Ability to go beyond the task's surface to understand "why" we are doing something, allowing you to make appropriate changes and notice problems in the security system.
- Collaborative Communicator: Those who can speak honestly and openly, listen to opinions and criticisms, and clearly explain what they want to say to a wide range of stakeholders.
- Detail-Oriented & Accountable: Those with a keen eye for detail who thrive on checking documents and ensuring the correctness of records to protect the organization's legal and security standing.
- Owner’s Mindset: Those who have a broad sense of ownership and can work to find the best solution for the organization by keeping compliance goals in mind.
【Fulfillment & Career Appeal】
- This role offers an environment where you can utilize your English skills within an organization that includes diverse members.
- As part of a small, specialized team, you will be entrusted with tasks that significantly impact the entire organization, with a high degree of autonomy (discretion). Since the team receives frequent consultations from both internal and external departments, you will clearly see the wide scope of your influence.
- You will have the opportunity to manage the entire project lifecycle, from inception through completion.
【Work Style & Employment Details】
Work Style
Flexible working hours with a designated core time (11:00-16:00), allowing you to organize your day effectively. Employees typically work 8 hours per day with a 1-hour break.
Employment Type
Permanent employee.
Place of Work
Tokyo, Japan — Shibuya Headquarters.
Compensation
Please refer to our Company Introduction Deck for an explanation of our Assessment System and the Belt System, which we use to determine the candidate's salary range: https://speakerdeck.com/hennge/company-introduction-deck-hennge
Benefits
- English Allowance and Advanced Language Expert Allowance: JPY 10,000 ~ JPY 130,000 per month, paid alongside base salary, if the employee fulfills the requirements.
- Physical Communication Bonus: JPY 4,000 per day* for coming to the office and interacting with other employees, paid out as bonus according to the number of days. Details will be provided at the offer meeting.
- Transportation allowance (maximum of JPY 35,000 per month).
- Employee Stock Ownership Plan.
- Insurance: Health, Employment, Industrial Injury, Welfare pension.
- Opportunities to attend international and domestic conferences.
- Financial support for technical certifications and technical learning programs.
Sign in
To continue your applicationor continue with email
By continuing you agree to our Terms & Privacy Policy.
![[XC] Business Unit Digital Office - Senior IT Specialist – Security, Projects & Operational Management](https://pcdns.recruit.net/2.0/big-logos-100/37/37053102.png)
![[HENNGE One] Public Sales ※東京勤務](https://pcdns.recruit.net/2.0/jobsapi/logos/44774_128x128.png)