Position Details
Security Design Review
- Perform system requirements and design review on systems inside the Rakuten ecosystem.
- Collaborate with developers, system/network administrators, and other stakeholders to ensure secure design, development, and implementation of applications and networks.
- Create and/or update security-related guidelines, technical security standards, security policies, and regulations for Rakuten group.
Security Vulnerability Process and Technology Ownership
- Lead the strategy, design, and enhancement of our vulnerability management including its process and technology.
- Establish security policies, standards, and guidelines to ensure consistent security practices across the organization.
- Collaborate with stakeholders to ensure security policies are integrated into business processes.
Security Education, Consulting, and Leadership
- Take part in the security training and awareness activities by cultivating a sense of security awareness, and arranging for continuous education.
- Inspire innovation and deliver quality at speed across the platform and execute these to success through diligent planning, attention to detail, effective delegation, efficient decision making, and individual/team accountability.
- Provide guidance and mentorship to other security architects and other team members.
- Communicate with potential (internal) customers to understand their cybersecurity needs and challenges.
- Scope and assess customer requirements to provide tailored security solutions.
- Develop and present proposals based on the customer's needs and cybersecurity challenges.
- Handle consulting engagements, providing expert advice and solutions to internal customers.
Mandatory Qualifications:
- 6+ years cyber security.
- Network, web/mobile application, network/web application protocols
- Security architecture frameworks, threat modeling, security patterns, and security best practices in SDLC.
Desired Qualifications:
- Certifications such as CEH
- Certifications e.g., CISA, CISSP
- Experience overseeing remediation of vulnerabilities, defining security requirements, and a proven track record of working with infrastructure and development teams to build secure solutions.
- Experience in Web/Mobile application development and major web frameworks.
- Experience in Web/Mobile Penetration Testing and/or Vulnerability Assessment.
- Experience with major commercial cloud environments and/or working with container technologies.
- Experience in working with SIEM and/or participated in Incident Response projects.
- Incident response experience, including handling and managing security incidents.