LINE is committed to user privacy and compliance with data protection regulations. Our information security team is involved from the early service planning stages, and oversees how user data is to be processed throughout the service provision to ensure that our data management practice complies with security regulations and the company’s data policy. In addition, this team is in charge of preparing and enforcing internal security policy, operating information security management systems, and conducting security awareness training to maintain the appropriate level of data governance throughout the company.
Knowledge of information security management and personal data protection is mandatory for this position. Furthermore, to be capable of conducting privacy impact assessment and providing effective advice on the service specification, you need to have basic IT understanding.
This position will cooperate with legal, planning, government relationship, and engineering departments. You will learn how to provide a reliable service by designing user-facing UX flows and applying security technologies.
- Perform privacy assessment to ensure that LINE services and campaigns are in compliance with the personal data protection regulations as well as internal policy.
- Engage in service design review and provide privacy-friendly suggestions to protect LINE users’ personal data.
- Co-work with global teams to deal with privacy and data protection issues.
Security policy enforcement
- Perform internal and external security audit.
- Assess the security risks within the office, develop local guidelines, and help employees to comply with company’s information security policy.
- Provide security training to employees.
Required Skills and Qualifications
- Must be familiar with Information Security Management Systems (ISMS) and its practices.
- Must be familiar with Taiwan Personal Data Protection Act
- Must be familiar with personal information management system, such PIMS or TPIPAS
- Should be familiar with corporate security management systems, such as endpoint security, anti-virus, DLP, internal network security, and physical security management.
- Team orientation who can communicate with teams from different countries/departments
- Fluent English
Preferred Skills and Qualifications
- Information security certificates, such as ISO 27001 LA, BS10012, CISSP, CISA or TPIPAS
- Experience in building the ISMS and PIMS for enterprises
- Basic understanding of Internet, instant messengers, web/mobile services and encryption technology
- Working experience in firewall, DLP, and anti-virus systems
- Incident response ability
- Japanese or Korean language skill would be a plus