[Infra Div.] Security Policy Specialist (7년 이상)

KRAFTON
Full_timeSeoul, South Korea

📍 Job Overview

  • Job Title: [Infra Div.] Security Policy Specialist (7년 이상)
  • Company: KRAFTON
  • Location: Seoul
  • Job Type: On-site
  • Category: Security
  • Date Posted: 2025-07-15

🚀 Role Summary

  • Key Responsibilities: Develop and maintain security policies, collaborate with international teams, and manage compliance operations.
  • Key Skills: Security policy development, compliance management, ISO 27001, technical security, IT network, cloud security, policy development, communication, project management, research, training, documentation, collaboration, CISSP, multicultural communication.

💻 Primary Responsibilities

  • Responsibility 1: Develop and maintain security policies for KRAFTON and its affiliates.
  • Responsibility 2: Collaborate with international teams to ensure consistent security standards and compliance.
  • Responsibility 3: Manage compliance operations, including audits, assessments, and remediation.
  • Responsibility 4: Conduct security training and awareness programs for employees.
  • Responsibility 5: Research and implement emerging security trends and best practices.

🎓 Skills & Qualifications

Education: Bachelor's degree or higher in Computer Science, Information Security, or a related field.

Experience: At least 7 years of experience in information security, with a focus on technical security and compliance.

Required Skills:

  • Proficiency in English (Native level)
  • Minimum TOPIK Level 2 in Korean
  • Experience in leading policy application projects
  • Strong communication and collaboration skills
  • Familiarity with ISO 2701 standards and compliance management

Preferred Skills:

  • CISSP certification or equivalent
  • Experience with cloud security (AWS/Azure)
  • Familiarity with international security standards and regulations
  • Experience working with multicultural teams

📊 Portfolio & Project Requirements

Portfolio Essentials:

  • Examples of developed security policies and standards
  • Documentation of security training programs and materials
  • Case studies of successful compliance management and remediation projects

Technical Documentation:

  • Detailed security policy and standard documents
  • Compliance management and remediation plans
  • Security training materials and presentations

💵 Compensation & Benefits

Salary Range: Competitive salary package based on experience and industry standards.

Benefits:

  • Comprehensive health insurance
  • Retirement benefits (pension, 401k, etc.)
  • Employee stock ownership plans
  • Generous vacation and holiday policies
  • On-site fitness and wellness facilities
  • Company-provided meals and snacks
  • Professional development opportunities and training

🎯 Team & Company Context

Company Culture:

  • KRAFTON fosters a collaborative and innovative work environment, emphasizing continuous learning and growth.
  • The Security Policy team works closely with other departments, including IT, HR, and legal, to ensure comprehensive security coverage.

Team Structure:

  • The Security Policy team consists of experienced security professionals with diverse backgrounds and expertise.
  • The team follows a flat hierarchy, encouraging open communication and cross-functional collaboration.

Development Methodology:

  • KRAFTON uses Agile methodologies for security policy development and compliance management.
  • The team employs code reviews, testing, and quality assurance practices to ensure the effectiveness and efficiency of security policies.

📈 Career & Growth Analysis

Web Technology Career Level: Senior-level role with significant influence on KRAFTON's security policies and compliance operations.

Reporting Structure: The Security Policy Specialist reports directly to the Head of Security Policy, with regular interactions with the CISO and other senior stakeholders.

Technical Impact: The role has a significant impact on KRAFTON's overall security posture, ensuring compliance with international security standards and regulations.

Growth Opportunities:

  • Career Progression: The role offers opportunities for career progression, including management and leadership positions within the security team.
  • Technical Skill Development: KRAFTON encourages continuous learning and provides resources for employees to develop their technical skills and expertise.
  • Emerging Technologies: The role involves staying up-to-date with emerging security trends and best practices, providing opportunities for professional growth and development.

🌐 Work Environment

Office Type: KRAFTON's headquarters is located in the Gangnam-gu district of Seoul, offering a modern and collaborative work environment.

Office Location(s): The Security Policy team works primarily from the headquarters, with occasional travel to other KRAFTON offices and affiliate locations.

Workspace Context:

  • The Security Policy team works in an open-plan office, fostering collaboration and communication among team members.
  • The team has access to dedicated meeting rooms and quiet spaces for focused work and private discussions.
  • KRAFTON provides ergonomic workstations, high-quality equipment, and comfortable working environments to support employee productivity and well-being.

Work Schedule: KRAFTON follows a standard workweek from Monday to Friday, with flexible working hours to accommodate employee needs and preferences.

📄 Application & Technical Interview Process

Interview Process:

  1. Phone Screening: A brief phone call to assess communication skills and cultural fit.
  2. Technical Assessment: A hands-on assessment to evaluate security policy development and compliance management skills.
  3. On-site Interview: A comprehensive interview with the hiring manager, team members, and other stakeholders to discuss the role, team dynamics, and career growth opportunities.
  4. Final Decision: A final decision based on the candidate's technical skills, cultural fit, and alignment with the team's goals and objectives.

Portfolio Review Tips:

  • Highlight examples of security policies and standards developed and implemented.
  • Demonstrate the ability to communicate complex security concepts to non-technical stakeholders.
  • Showcase successful compliance management and remediation projects.

Technical Challenge Preparation:

  • Brush up on security policy development and compliance management best practices.
  • Familiarize yourself with KRAFTON's security policies and standards.
  • Prepare questions and insights related to emerging security trends and industry best practices.

🛠 Technology Stack & Web Infrastructure

Security Policy Tools:

  • ISO 27001/ISO 27002 standards and guidelines
  • Compliance management software (e.g., RSA Archer, NAVEXUS GRC)
  • Security information and event management (SIEM) systems (e.g., Splunk, IBM QRadar)
  • Cloud security platforms (e.g., AWS, Azure, Google Cloud)

Collaboration Tools:

  • Microsoft Office Suite (Word, Excel, PowerPoint)
  • Google Workspace (Google Docs, Sheets, Slides)
  • Project management tools (e.g., JIRA, Asana, Trello)
  • Communication and collaboration platforms (e.g., Microsoft Teams, Slack)

Programming Languages:

  • Proficiency in English is required for effective communication and collaboration with international teams.
  • Familiarity with Korean is preferred for working in a Korean-speaking environment.

👥 Team Culture & Values

Security Policy Values:

  • Proactive: Anticipate and address security threats and vulnerabilities before they impact the organization.
  • Collaborative: Work closely with other departments and teams to ensure comprehensive security coverage and compliance.
  • Adaptable: Stay up-to-date with emerging security trends and best practices, and continuously improve security policies and standards.
  • Transparent: Communicate security risks, issues, and remediation efforts openly and effectively with stakeholders.

Collaboration Style:

  • The Security Policy team fosters a culture of open communication, active listening, and continuous learning.
  • Team members work collaboratively to develop and implement security policies and standards that meet the organization's needs and objectives.
  • The team values knowledge sharing, mentoring, and cross-functional collaboration to drive security excellence and innovation.

📈 Challenges & Growth Opportunities

Technical Challenges:

  • Staying up-to-date with emerging security trends and best practices.
  • Developing and implementing security policies that balance security and usability.
  • Managing compliance with multiple international security standards and regulations.

Learning & Development Opportunities:

  • Attend industry conferences and events to network with other security professionals and learn about emerging security trends and best practices.
  • Pursue relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) to enhance technical expertise and career prospects.
  • Participate in internal training programs and workshops to develop leadership and management skills.

💡 Interview Preparation

Technical Questions:

  • Security Policy Development: Explain the process of developing and implementing security policies, including risk assessment, policy creation, and enforcement.
  • Compliance Management: Describe your experience with compliance management, including audits, assessments, and remediation.
  • Security Awareness: Discuss your approach to security awareness and training, including effective communication strategies and engagement methods.

Company & Culture Questions:

  • Security Culture: Explain how you would foster a strong security culture within KRAFTON, emphasizing the importance of security awareness and collaboration.
  • Team Dynamics: Describe your experience working with multicultural teams and managing diverse stakeholder expectations.
  • Adaptability: Discuss your ability to adapt to changing security landscapes and emerging threats, and how you would help KRAFTON stay ahead of security trends and best practices.

Portfolio Presentation Strategy:

  • Security Policy Examples: Present examples of security policies you have developed and implemented, highlighting their impact on organizational security and compliance.
  • Compliance Management Case Studies: Share case studies of successful compliance management and remediation projects, emphasizing your problem-solving skills and ability to drive results.
  • Security Awareness Initiatives: Describe security awareness initiatives you have led or participated in, demonstrating your ability to engage and educate employees on security best practices.

📌 Application Steps

To apply for this Security Policy Specialist position at KRAFTON:

  1. Submit your application through the provided link.
  2. Prepare a detailed resume highlighting your security policy development, compliance management, and leadership experience.
  3. Include a cover letter explaining your interest in the role and how your skills and experience align with the job requirements.
  4. Prepare a portfolio showcasing your security policy development, compliance management, and leadership achievements.
  5. Research KRAFTON's security policies, compliance management processes, and company culture to ensure a strong fit and alignment with the organization's goals and objectives.
  6. Prepare for the phone screening, technical assessment, on-site interview, and final decision process, following the guidelines provided in this enhanced job description.

Application Requirements

Candidates must have at least 7 years of experience in information security, particularly in technical security and compliance. Proficiency in English and a minimum of TOPIK Level 2 in Korean are required, along with experience in leading policy application projects.