Corporate IT & Security Specialist

HENNGE Shibuya-ku, Tokyo July 6 2026
  • 💴 No salary range given
  • 🏡
    Partially remote
  • 🗾 Japan residents only
  • 💬
    Business Japanese
    Business English
  • 🧪
    Intermediate level
    3+ years experience required
DO YOU NEED MORE INFO?
ASK A QUESTION

About HENNGE

HENNGE Shibuya-ku, Tokyo

HENNGE One, one of the top cloud security services in Japan, enables customers to adopt flexible work environments and safely harness the power of the cloud from any location.

Key benefits

  • Relocation support
  • Work life balance highly valued
  • Highly technical CEO

About the position

You will be joining the Internal IT team, which enables the effective use of technology for HENNGE’s approximately 350 full-time employees. While our team’s core mission is to support the infrastructure for maximum organizational performance, your role is specialized to focus on governance, risk, and compliance (GRC).

We currently have an Information Security Lead who maintains our security posture and leads our ISO 27001 (ISMS) certification (including related standards like 27017 and 27018). We need you to be the dedicated Coordinator who manages the continuous cycle of compliance and evidence collection, freeing up our Lead to focus on strategy and architecture.

As the ISMS Coordinator, you will manage the procedural and documentation backbone of our information security program. You will be responsible for translating high-level security policies into manageable tasks, defining and tracking ownership across teams, and preparing the company for external audits.

The main duties are as follows. We are looking for someone who is proactive and uses critical thinking to ensure that our compliance efforts are efficient and aligned with business goals. In the future, we expect you to deepen your expertise in GRC, potentially growing into a management role within the governance track.

Responsibilities

Specific business examples:

[Information Security & Compliance Coordination]

  • ISMS Maintenance (ISO 27001/27017/27018): Drive the day-to-day execution of ISMS controls and continuous improvement tasks across all departments.
  • Audit Program Coordination: Coordinate and execute internal security audits, manage the collection and review of required evidence from control owners, and actively participate in the preparation for external audits.
  • Task Delegation & Tracking: Assign security management tasks (e.g., access control reviews, control validation) to owners, track progress, and promptly follow up to ensure timely completion.
  • Documentation Management: Maintain and update core ISMS documents, including the Statement of Applicability (SoA) and security policies, carefully reviewing for accuracy.
  • Risk Management & Incident Handling Support: Coordinate the collection of data and documentation for information security risk assessments and support the documentation of the incident response process.

[Training & Documentation Management]

  • Support the coordination of security awareness training logistics for new and existing employees.
  • Develop and maintain documentation and manuals related to security and compliance processes.

[Security Management Work]

  • Analyze security policies and procedures and recommend improvements based on efficiency and compliance needs.
  • Evaluate IT systems and workflows to ensure they support, and provide evidence for, all security controls.

Requirements

  • Must currently reside in Japan.
  • 3+ years of experience in a role focused on Information Technology, Compliance, IT Audit, or Project Coordination.
  • ISMS/GRC Experience: Practical, working knowledge of the ISO/IEC 27001 standard (or a similar framework like SOC 2, NIST, or similar regulatory compliance).
  • Coordination & Administration: Proven ability to manage complex, long-term administrative tasks across multiple teams and stakeholders.
  • Basic IT Skills: Proficient with Google Docs/Sheets (or Word/Excel) and comfortable with cloud services and SaaS environments (Google Workspace, etc.).
  • Japanese: Business-level proficiency

Nice to haves

While not specifically required, tell us if you have any of the following.

  • Professional certification such as CISA (Certified Information Systems Auditor) or ISO 27001 Lead Implementer.
  • Experience using a GRC (Governance, Risk, and Compliance) platform (e.g., Vanta, Drata, Secureframe, etc.).
  • Experience documenting and supporting external compliance audits.
  • Project management experience.

Compensation

Our salary range is inclusive of English Allowance & Physical Communication Bonus - please check the details below, with the final amount determined based on your experience and skills.

Please refer to our Company Introduction Deck for an explanation of our Assessment System and the Belt System, which we use to determine the candidate’s salary range.

Benefits

  • English Allowance and Advanced Language Expert Allowance: JPY 10,000 ~ JPY 130,000 per month, paid alongside base salary, if the employee fulfills the requirements.
  • Physical Communication Bonus: JPY 4,000 per day, applicable from October 2025 onwards, for coming to the office and interacting with other employees, paid out as bonus according to the number of days.

Details will be provided at the offer meeting.

Hiring Process

  1. 1

    CV submission

    Note: A casual interview might occur if the team deems it necessary.

  2. 2

    1st interview

  3. 3

    2nd interview

  4. 4

    Final interview

DO YOU NEED MORE INFO?
ASK A QUESTION

More jobs like this

We'll send you a digest of new English-friendly software developer jobs in Japan. Your email stays private, we don't share or sell it.