Security Engineer, Threat Detection and Response - Mercari
Minato City, Tokyo, Japan
Mercari, Inc.
A Japanese job description is not available for this position.
- Employment Status: Full-time
- Work Hours: Full Flextime (no core time)
- Office: Roppongi
For more details, see the Overview of Our Positions section on our Careers site.
About Mercari
Circulate all forms of value to unleash the potential in all people
"What can I do to help society thrive with the finite resources we have?" The Mercari marketplace app was born in 2013 out of this thought by our founder Shintaro Yamada as he traveled the world. We believe that by circulating all forms of value, not just physical things and money, we can create opportunities for anyone to realize their dreams and contribute to society and the people around them. Mercari aims to use technology to connect people all over the world and create a world where anyone can unleash their potential. For more information about Mercari Group’s mission, see Mercari’s Culture Doc.
Organization/Team Mission
Mercari Engineering Principles
Mercari Engineering Principles are a shared understanding that serves as the foundation of engineering beliefs and behavior at Mercari. The Engineering Principles are designed to complement the organizational identity (Mercari’s mission, values, and culture) from an engineering viewpoint.
These principles ultimately help us achieve Mercari’s mission by defining the ideal state we seek to realize in the long term.
- Passion For The Product
- Grow Together
- Solve Through Mechanisms
- Collaborate Openly
For more details, please see the following link:
The Threat Detection and Response (TDR) team at Mercari is responsible for detecting, investigating, and responding to security threats that impact our customers, people, services and infrastructure. We do this by building scalable security operations, combining detection engineering, incident response, threat hunting and threat intelligence. To accomplish our mission, we partner closely across security teams and stakeholders to improve visibility and readiness to security incidents, ensuring Mercari remains safe and trusted.
See here for more information about our mission and values.
Work Responsibilities
As a Security Engineer in the Threat Detection and Response team, you will play a critical role in all aspects of the Detection & Response lifecycle. We are looking for an engineer with strong practical skills and a passion for automating security operations, a deep understanding of cloud security and a proactive mindset in threat detection and incident response.
- Expand our detection coverage by writing and fine-tuning rules to identify threats across Cloud, SaaS and Endpoint environments
- Develop automation and playbooks to enrich alerts and automate remediation and response actions.
- Act as incident handler during security incidents, from initial response to containment, remediation, and post-incident review.
- Build and maintain services for our monitoring platform on cloud infrastructure, spanning log ingestion, the detection engine, security telemetry and data lake storage.
- Perform alert triage and conduct analysis on various signals to determine response actions.
- Continuously research emerging threats and take the initiative to introduce enhancements and advanced technologies that scale and improve the quality and speed of our detection and response.
- Share knowledge of threats and incidents to raise awareness of the organization's security posture by contributing to training sessions, tabletop exercises, and internal presentations.
- Participate in and support on-call rotation.
Unique Challenges
- Build and maintain custom automation systems using APIs and code, and leverage generative AI and large language models (LLMs) to transform how we detect, investigate, and respond to threats.
- Our architecture is fully cloud-native with a mix of Cloud providers and containerized workloads. You’ll work across a wide surface of modern infrastructure.
- Mercari operates at the intersection of large-scale consumer platforms and real-time financial services; our threats are complex and require creative, cross-domain expertise.
- Take on the challenge of implementing agile security monitoring in a rapidly growing global organization and environment.
Qualifications
- Required Experience/Skills
  - 5+ years of hands-on experience in security operations, detection engineering, or incident response
  - Proficiency in at least one scripting or programming language (Python, Go, or similar)
  - Experience analyzing security telemetry and developing detection rules in SIEM or log analysis platforms
  - Solid understanding of cloud infrastructure, container environments, and modern authentication systems
  - Familiarity with security frameworks such as MITRE ATT&CK and common attacker TTPs
  - Strong collaboration and communication skills across technical and non-technical teams
- Preferred Experience/Skills
  - Experience with threat hunting, digital forensics, or malware analysis
  - Knowledge of GCP or AWS security and serverless services
  - Familiarity with Kubernetes, service mesh, or microservice observability tools
  - Experience with detection-as-code practices or SOAR platform development
  - Ability to write efficient queries for large-scale log analysis (e.g., SQL, BigQuery)
  - Understanding of version management, IDE, CI/CD tools and other tools related to the software development process
  - Relevant certifications in incident response or security operations (e.g., GCFA, GCIH, OSCP)
- Language
  - Japanese: Independent (CEFR – B2) Preferred
  - English: Proficient (CEFR – C1) Preferred
For details about CEFR, see here.
Learn More About Mercari Group
- Careers site: https://careers.mercari.com/en/
- Mercan: https://mercan.mercari.com/en/
- Social media: X / LinkedIn
- Streamlining Security Incident Response with Automation and Large Language Models | Mercari Engineering
- An Introduction to Reverse Engineering for eBPF Bytecode
- Who Watches the Watchmen? Keeping an Eye on Our Monitoring Systems
- Mercari’s Threat Detection Engineering Team—Continuously improving to provide autonomous cyber threat detection and response at scale
- Detection Engineering and SOAR at Mercari
- Mercari Appoints Naohisa Ichihara as New CISO: Making a Mark in History with the Goal of Establishing the World’s Most Secure Marketplace
- Going Beyond Diverse to Become Borderless: The Culture of Mercari’s Security & Privacy Team
- Security | Mercari Engineering blog
- Security/Privacy | mercan
Recruiting at Mercari
At Mercari Group, we value empathizing with and embodying the mission and values of the Group and each company. To promote the creation of an organization that maximizes the total amount of value exhibited by all members, we would like to understand the experience and skills of each candidate as accurately as possible.
Recruiting cycle at Mercari Group
- Application screening
- Skill assessment: For engineering positions, you will be asked to complete a skill assessment on HackerRank or GitHub. For non-engineering positions, you may be asked to complete an assessment depending on the position. (The timing of the assessment may coincide with the interview process.)
- Interview: The number of interviews may vary depending on the position.
- Reference check: We will ask for online references around the timing of the final interview.
- Offer: Offers will be determined carefully in consideration of the final interview and the reference check.
Learn more about our recruiting process here.
Equal Opportunity Hiring
Here at Mercari, we work to realize a world in which no one’s potential is limited by their background and everyone has the opportunity to freely create value. We also firmly believe that a mindset of Inclusion & Diversity is essential for us to achieve our mission.
This, of course, extends to our hiring practices as well. Mercari is committed to eliminating discrimination based on age, gender, sexual orientation, race, religion, physical disability, and other such factors so that anyone who shares our mission and values can join us, regardless of their background. For more details, please read our I&D statement.
Please read and acknowledge our Privacy Policy prior to submitting your application.