Security Engineer
Department Overview The Information Security Management Office (ISMO) within the Information Security & Privacy Governance Department formulates, operates, and promotes information security policies and governance structures across the Rakuten Group. Working in partnership with relevant departments, ISMO develops and implements a wide array of security measures throughout the organization. Position: Why We Hire The Senior Information Security Governance Specialist supports the business unit CISOs within the Information Security Management Office. This position provides an opportunity to participate in the development and implementation of security requirements for various services within the Rakuten Group, allowing for the formulation of more concrete security measures and experiencing their outcomes. Position Details - Implementing the Rakuten Group's information security policies within business units and delivering feedback to the policy formulation team. - Advancing ISO/IEC 27001 certification activities, risk management, and the development and implementation of risk mitigation plans within assigned business units and group companies. - Lead incident handling in the event of security incidents (problem identification, containment support) and preparing executive reports. - Providing information security training specific to business units
- Exceptional communication skills for effective collaboration with diverse teams and stakeholders. - A minimum of 7 years' experience in information security or internal information systems management. - Proven track record in deploying and managing security solutions in conjunction with internal IT departments. - Hands-on experience in responding to information security incidents.
- Certified Information Systems Security Professional (CISSP) credential. - Information Processing Security Management Consultant (IPA) qualification. - Knowledge and experience with ISMS ISO/IEC 27001 certification processes. - Experience in engineering and managing systems on public cloud platforms.