Cyber Threat Analyst- Cyber Security Defense Department (CSDD)

Job Description:

Business Overview 

Rakuten Group’s mission is to contribute to society by creating value through innovation and entrepreneurship. By providing high-quality services that help our users and partners grow, we aim to advance and enrich society. To fulfill our role as a Global Innovation Company, we are committed to maximizing both corporate and shareholder value. 

Department Overview 

In Rakuten Group, Inc., security and safety of the internet services are guaranteed by Cyber Security Defense Department (CSDD), the core of Rakuten-CERT.  Rakuten Security Team has been fighting against various cyber threats, and Cyber Threat Intelligence Team is in charge of Threat Intelligence activities for Rakuten group companies and we're looking for Threat Intelligence Analyst. 

Why We Hire 

Team expansion due to the increase demand of the work and the scope expansion. 

Position Details 

This is the position for Cyber Threat Analyst, which is responsible for : 

- Threat Intelligence collection related to our constituency, including Rakuten Group, Inc. and subsidiaries, brand, services, employees and our customers & partners. 

- Threat Intelligence analysis and reporting 

- Leveraging Threat Intelligence to strengthen our overall cyber defense. 

Detailed responsibilities for Threat Analyst: 

- Threat Intelligence collection from OSINT (open-source intelligence), proprietary tools or commercial systems. 

- Threat Intelligence analysis and curation, to produce accurate, timely, relevant report for internal customers periodically. 

- Cyber Incident Investigations, conduct threat hunting on our internal investigation platforms (SIEM, etc). 

Mandatory Qualifications: 

Qualifications for Analyst: 

- Fundamental understanding on Cyber Attack, including APT, Cyber Crime, Ransomware, Phishing, Card Shop, etc. 

- Excellent information organization, critical thinking and English writing skills. 

- Strong ownership and sense of responsibility. Deliver research results on time. 

- Passionate in learning new cyber attack TTP (tactics techniques and procedures) and exploring the unknown part of Cyber Security. 

- Fluent in both verbal and written English (TOEIC 800+) with capability on reading 1~2 other languages, preferred from {Chinese, Russian, Korean}. 

Senior Role Qualifications: 

- 5+ years of experience in working as a security analyst role such as SOC analyst, CSIRT member, Penetration tester, TI analyst and other relevant security positions 

- Independent research and tracking capability on APT campaign, eCrime adversary groups against CSIRT constituency 

- Familiar with multiple external TI tools such as VirusTotal Pro, DomainTools, RiskIQ, urlscan or other TI exchange platforms 

- Able to mentor Jr. Analyst, as well as train in-house SOC analysts with TI or threat hunting flow 

- Good social networking skill or prominent presence in TI or Security Communities. 

Desired Qualifications: 

- Knowledge of CSIRT, DFIR or SOC workflow or experience 

- Knowledge of cyber alert triage, botnet, criminal malware, APT groups, MITRE ATT&CK frameworks 

- Fluent in verbal Japanese to present and explain situation awareness to constituency internal TI customers 

- One or more script language skill and experience such as Python 

- Holder of any security related certifications, ex: Security+, GIAC, OSCP/OSCE, CISSP 

 #engineer #jobcategory02 #securityengineer #jobsubcategory11 #technologyservicediv #organization11

Languages: