Chief Information Security Officer (CISO)
Reporting to the Chief Information Officer (CIO), the Chief Information Security Officer (CISO) serves as the executive leader responsible for shaping and overseeing the institution’s cybersecurity strategy and operations, ensuring the protection of critical digital assets and mitigating associated, ever-evolving cyber risks. This role is critical in protecting OIST’s academic, research, and administrative digital assets, ensuring the confidentiality, integrity, and availability of institutional data.
The CISO will:
- Oversee the institution’s cybersecurity program and operations.
- Be accountable for the development and management of cybersecurity infrastructure, covering device and network security, data protection frameworks, incident prevention/response protocols, and threat intelligence mechanisms.
- Implement and enforce risk mitigation measures across institutional systems.
- Ensure compliance with Japanese cybersecurity regulations and global best practices for academic institutions.
- Lead initiatives to enhance cybersecurity resilience against evolving threats.
- Cultivate a culture of security awareness, resilience, and continuous improvement.
- Any other relevant duties as assigned/designated by the CIO.
This role demands a strategic leader with deep technical expertise, strong leadership capabilities, and a thorough understanding of cybersecurity in higher education, research data protection, and Japan’s regulatory landscape.
The Okinawa Institute of Science and Technology Graduate University was established in 2011 to contribute to the development of science and technology worldwide and to serve as a hub of innovation in Okinawa. OIST is a dynamic new graduate university of science and technology in Okinawa Prefecture, Japan, which offers a 5-year PhD program and brings together outstanding researchers from across the country and across disciplines to conduct cutting-edge scientific research.
The university is located on 85 hectares of protected forestland overlooking a beautiful shoreline and coral reefs. The campus is striking architecturally, and the facilities are outstanding. To facilitate multidisciplinary research, there are no academic departments. Outstanding resources and equipment are provided and managed to encourage easy access and collaboration.
English is the official language of the University, and the university research community is fully international, with more than 50 countries represented. OIST is rapidly gaining recognition in the worldwide academic community as a model for excellence in education and research, and our unwavering commitment to scientific and technological innovation is dedicated to generating progress that will fuel Okinawa's economic growth.
1. Cybersecurity Strategy & Leadership
- Partner with the CIO and executive leadership to develop and execute an information security strategy, embedding cybersecurity into institutional planning and governance.
- Define and track performance metrics (KPIs, SLAs, SLOs) to measure effectiveness and maturity.
- Lead maturity assessments and benchmark against global best practices.
- Lead and develop the information security team, fostering a high-performance and inclusive culture.
2. Governance, Compliance & Risk
- Establish and maintain security policies and standards aligned with institutional and regulatory requirements (e.g., NIST, ISO 27001, Japanese frameworks).
- Oversee compliance across vendors, research partners, and IT contracts (IaaS, PaaS, SaaS, SWAS).
- Collaborate with the Risk Manager and institutional committees to align cybersecurity with enterprise risk management.
3. Security Operations
- Oversee daily security operations and ensure protection of IT assets and data.
- Lead incident response, containment, and remediation efforts, reporting outcomes to the CIO and relevant committees.
- Implement monitoring systems and track threat detection KPIs.
- Guide secure architecture design and adoption of advanced technologies (e.g., IAM, DLP, encryption).
- Strengthen identity governance through RBAC, PAM, and MFA.
(Required)
- Bachelor’s degree in Computer Science, Information Security, IT, or a related field.
- 10+ years of progressive leadership in information security, IT risk management, or related domains.
- 3+ years in a senior role—ideally as CISO or equivalent—with strategic oversight of enterprise security programs.
- Demonstrated success in leading institution-wide security initiatives, including governance, risk, compliance, and incident response.
- Experience in complex, regulated environments such as higher education, research institutions, non-profits, international organizations, or industries like finance, healthcare, and technology.
- CISSP (Certified Information Systems Security Professional) or Chartered Cyber Security Professional.
- Deep knowledge of industry frameworks (ISO 27001, NIST CSF, CIS Controls), Japanese data protection laws (APPI), and global compliance standards (GDPR, HIPAA).
- Strong grasp of enterprise risk management, security architecture, and incident response planning.
- Familiarity with academic environments, research data protection, and open-access systems.
- Skilled in solving complex security challenges with a forward-looking, data-informed approach.
- Excellent communicator in English; Japanese proficiency highly desirable for stakeholder engagement and regulatory alignment.
(Preferred)
- Master’s or Ph.D. in Cybersecurity, Information Assurance, Business Administration, or a closely related discipline.
- CISM (Certified Information Security Manager)
- CISA (Certified Information Systems Auditor)
- CCSP (Certified Cloud Security Professional)
- CRISC, CEH, ISO 27001 Lead Implementer/Auditor
In accordance with the OIST Employee Compensation Regulations
Benefits:
- Relocation, housing and commuting allowances
- Annual paid leave and summer holidays
- Health insurance (Private School Mutual Aid)
- Welfare pension insurance (kousei-nenkin)
- Worker's accident compensation insurance (roudousha-saigai-hoshou-hoken)
- Access to Child Development Center
- Access to Schooling Options
- Language Education
- Resource Center (Daily Life Support in Okinawa)
- Remote Work System
- Curriculum vitae ideally in both Japanese and English
* Please be sure to indicate where you first saw the job advertisement.
- OIST Graduate University is an equal opportunity, affirmative action educator and employer and is committed to increasing the diversity of its faculty, students and staff.
- Information provided by applicants or references will be kept confidential in accordance with the OIST Privacy Policy; documents will not be returned.
- Recruiting Organization: Okinawa Institute of Science and Technology School Corporation
- Prevention of Passive Smoking: No smoking indoors
- Please view our policy for rules on external professional activities: Rules for Concurrent Appointment.
- Further details about the University can be viewed on our website.
Term: Full-time, Non-fixed term appointment. Contract initially with 6-month probationary period (inclusive).
Scheduled Working hours: 9:00 – 17:30
Rest period: 12:00 – 13:00
As this is a managerial role, the working days, working hours, and break times prescribed for general employees do not apply.
Holidays
Saturday, Sunday, National holidays, and Year-end and New Year holidays (Dec. 29 – Jan. 3)
Leave
Annual Paid Holidays, Summer Leave, Sick Leave, and Special Leave
We thank all those who apply but only those selected for further consideration will be contacted.