Cyber Security Management Engineer or Manager - Cyber Security Department, Product Development Division, Rakuten Payment, Inc.

Job Description:

Business Overview

Mission

Rakuten Group's basic management philosophy is to "Empower people and society through innovation." We provide more than 70 diverse services, including EC services such as shopping malls and travel booking sites, financial services such as online banking, and media services and professional sports, to more than 100 million customers in Japan alone (more than 1.6 billion globally), covering a wide range of people's life scenes. At the same time, we are building a strong business model based on the "Rakuten Ecosystem" that organically links customers and various services.

As a member of Rakuten Group's FinTech Group Company, we at Rakuten Payment, Inc. are developing businesses centered on settlement services such as Rakuten Pay, Rakuten Edy, and Point Partner Business, as well as marketing solutions.

"With the power of technology, we aim to create a world where anyone can enjoy the same value no matter where they are."

As the digital sphere of society rapidly expands, we want to connect the Internet and the real world more seamlessly, so that everyone can use technology to lead a safe, secure, and more comfortable daily life. In order to achieve such a society, we would like to face the various problems that people are facing and move forward together to the next stage.

Department Overview

We provide services such as Rakuten Pay, an online payment service, Rakuten Edy, an electronic money service, Rakuten Cash, a cashback service, Rakuten Point Card, a loyalty points service, and other mobile payment and mobile POS payment services. Unlike other Rakuten Group companies, we provide services that can be used not only online but also in real-world stores.

We plan to provide new services related to Fintech, with a focus on the Rakuten Pay app, as this industry is receiving a great deal of attention amidst the spread of cashless payments. We will also provide new services in the OMO field that combine online and offline.

As we handle financial services and support important social infrastructure projects, we are required to have a high level of information security and cyber security. In this position, you will lead the strengthening of the overall cyber security system, the promotion of secure by design, and the development of security personnel, while collaborating with the Product Development Division and other departments.

Position:

Why We Hire

We are looking for people to lead the organization from a specialist perspective as we establish an organization specializing in cyber security, independent of the information security department.

Position Details

- Formulation and execution of security strategy

- Design and implementation of security architecture

- Vulnerability management and risk assessment

- Security Incident Response

- Security Education and Awareness Activities

- Investigation of the Latest Technologies and Threat Trends

- Regulatory compliance and audit support:

Lead the response to laws, regulations and guidelines related to the financial industry and critical infrastructure (e.g. FISC, PCI DSS, ISMS, etc.), and support the development of regulations and information security departments, internal and external audits, etc.

Work Environment

The Product Development Division has around 400 employees, and is made up of not only engineers, but also product managers, operations staff, infrastructure managers and other personnel. The Cyber Security Department is a newly established organization.

The Product Development Division has people from a variety of backgrounds, including recent graduates and mid-career hires (from IT companies, system integration companies, manufacturers, service providers, etc.).

Mandatory Qualifications:

- At least 3 years of work experience in the field of information security or cyber security
- Experience in conducting security risk assessments and vulnerability assessments
- Experience in responding to security incidents
- Experience in planning and implementing security education and training programs
- Understanding of the concept of secure by design and the ability to consider it
- Basic knowledge of system development and operation (e.g. networks, servers, cloud environments, etc.)
- Skills in coordinating and negotiating with other departments and stakeholders
- Business-level communication skills in Japanese (reviewing and creating regulations, writing documents, managing meetings, presentations, etc.

Desired Qualifications:

- Experience in security response in the financial industry or in critical infrastructure projects

- Possession of security-related qualifications (e.g. CISSP, CISM, CEH, CompTIA Security+, etc.)

- Knowledge and experience of cloud security (e.g. AWS, Azure, GCP, etc.)

- English communication skills (when working with overseas vendors or global teams)

- Experience or knowledge of DevSecOps

- Experience of security log analysis or SIEM tool operation

- Experience of zero-trust security concepts and implementation

Others Information:

Additional information on Location

NBF Shinagawa Tower

Additional information on Secondment

This position is a seconded position from Rakuten Group, Inc. to Rakuten Payment, Inc.

#engineer #technologymanagement #fintechgroup #RakutenPay #RakutenEdy #RakutenPointCard #RakutenPayment