Information Security Governance Specialist, Information Security Enablement Section(ISPD)

Job Description:

Department Overview

This team is responsible for managing and planning countermeasures for information security incidents within the Rakuten Group, in collaboration with relevant departments.

The team plays a vital role in information security governance by supporting the development of recurrence prevention measures for incidents and providing feedback to Rakuten Group policies and common group security measures.

Additionally, as part of incident prevention measures for Rakuten service users, the team is responsible for implementing and managing email security measures, BIMI, and DMARC across the Rakuten Group.

Position:

Why We Hire

Position Details

- Group Regulation Development: Develop and maintain incident response procedures that outline the steps to be taken in the event of a security incident.

- Serve as a central point of contact for the headquarters : During security incidents, coordinating with the affected departments and related headquarters departments, and providing guidance. This includes assessing the severity of incidents, providing guidance on response measures, ensuring timely resolution, and executive reporting.

- Employee Education on Incident Reporting: Develop and deliver training programs to educate employees on how to recognize and report security incidents.

- Continuous Improvement of Incident Management Processes: Regularly review incident management processes and procedures, identify areas for improvement, and implement suggestions to enhance incident response capabilities.

Mandatory Qualifications:

- 5+ years of experience in information security, planning, or implementation management of internal information systems.

- 3+ years of experience in creating or assisting in the creation of internal regulations related to information security or IT governance.

- 3+ years of experience in responding to information security or information system incidents.

- Excellent communication skills to work smoothly with related departments, both internally and externally.

Desired Qualifications:

- Certified Information Systems Security Professional (CISSP) certification or Information Security Specialist (IPA) certification.

- Experience and knowledge related to ISMS ISO/IEC 27001 certification activities.

- Experience in building and operating on public cloud services.

Additional information on Language Qualification

- TOEIC score of 800 or higher.

- Native Japanese Language Proficiency is Mandatory.