In Rakuten, security and safety of the Internet services of our group are guaranteed by the Cyber Security Defense Department (CSDD). CSDD covers all aspects of the Secure Development Life Cycle (SDLC) and operation security for all the services developed inside Rakuten Group.
Why We Hire
To enhance Rakuten’s cyber security organization
This is a position to engage in cyber defense for Rakuten commercial services and corporate IT systems in order to enable “Internet World Peace”.
As core member of Rakuten-CERT, you will be expected to lead protecting our services and customers thoroughly.
- Build and maintain strategies for cyber security monitoring and incident response
- Lead Rakuten-CERT, which is the official CSIRT of Rakuten Group, Inc.
- Manage Blue Team and defend Rakuten services and IT systems from advanced cyber attacks and crimes
- Enable integrated cyber defense connecting private SOC and cyber threat intelligence
- Contribute improvement of cyber resilience in the organization and industry through the development of cyber professionals
- Over 7 years of professional experience in information security field
- Operational experience in cyber security such as security monitoring, incident responses, digital forensics, or cyber threat intelligence
- At least 3 years of team management experience with service delivery and budget management
- Implementation experience of defensive controls at actual cyber attack/crime cases (regardless of scale)
- Understanding of the core concepts of web/mobile application and vulnerability fixture process
- Experience in vulnerability management, 0-day response
- Understanding of network and web application protocols
- Strong teamwork capability in a diverse team environment
- Excellent consultation, problem-solving, communication, and interpersonal skills to build trust and consensus with stakeholders
- Strong ownership and sense of responsibility
- Experience in Web service development, implementation/operation at corporate IT or cloud-native system infrastructures
- Incident response experience in cyber attacks or cyber crimes at large-scale services
- Experience in CSIRT or vulnerability management team
- Experience in a diverse workplace, and working well in a team environment
- Experience in vendor contract management, security strategy planning with multiple IT products
- Experience in implementation or support for compliance and security requirements such as PCI DSS or FISC
- Holder of any security-related certifications, ex: Security+, GIAC, OSCP/OSCE, SSCP
|Location||Rakuten Crimson House, 1-14-1 Tamagawa, Setagaya-ku, Tokyo158-0094
(1 min walk from Futakotamagawa Station on the Denentoshi Line)
|Remote work||Partial remote|
|Working hours||9:00am - 5:30pm (Every Monday, work hours are from 8:00am to 4:30pm due to morning meeting)|
|Holidays||・2 days off per week (Saturdays, Sundays, and national holidays are holidays)
・10-20 days of annual paid vacation (the minimum number of days is the number of days granted after six months of employment)
・120 days off per year
In addition, year-end and New Year vacations, paid vacation, congratulation or condolence leave, maternity and paternity leave, etc.
*Once a year, you can take 9 to 12 consecutive holidays by using the long vacation (Success Vacation) system.
|Employee benefits||・Commuting allowance
・Employee pension insurance
・Workers' accident compensation insurance
・Retirement allowance system
Supplemental education and qualification support
・English learning support (in-house TOEIC(R) test IP test, English conversation, etc.)
・Career challenge system (challenge the department of your choice)
・Job return system (rehiring system for those who retired due to marriage, childbirth, nursing care, etc.), etc.
・Stock Option Plan
・Cafeteria system with three free meals
・LILO Club (preferential treatment at sports clubs, accommodations, leisure facilities, movie theaters, etc.)
・LILO Club (sports clubs, lodging, leisure facilities, movie theaters, etc.) (Running, mountain climbing, cooking, etc., part of the expenses paid by the company)
・Free English conversation lessons by native English speakers
・Support system for certification acquisition
・Qualification support system, etc.