Job Description:

Department Overview

As a global innovation company, Rakuten Group, Inc. builds and operates information security governance in accordance with international standards such as ISO/IEC 27001 and PCI-DSS v4.0.

The Information Security Enablement Section within the Information Security & Privacy Governance Department is responsible for the following four main tasks:

- Responding to and managing information security incidents within the Rakuten Group, planning countermeasures, and promoting their implementation in collaboration with corporate and business units.

- Reporting the status of incident countermeasures and statistical information to the Group CISO at the Group Information Security & Privacy Committee.

- Concurrently seconded to Rakuten Mobile, Inc. (same Office location) to implement information security policies, support business units, and conduct employee awareness/training.

Position:

Why We Hire

This position offers the opportunity to gain extensive business support experience, not only in information security governance for the Rakuten Group but also in supporting the business development of Rakuten Mobile, a key focus area for the Rakuten Group.

We are looking for candidates who have a strong interest in information security governance and are seeking a career advancement opportunity.

Position Details

- Leading the response to information security incidents in collaboration with risk management departments within Rakuten Group, Inc. and information security departments across group companies (incident-specific assignments).

- Leading the collaboration with target departments for incident countermeasures, planning, and supporting the implementation in those departments.

- Assisting the Senior Manager of the Information Security Enablement Section in preparing reports on the status of incident countermeasures and statistical information for the Group Information Security & Privacy Committee, and responding to directives.

- Formulating information security policies for Rakuten Mobile, Inc. stores, customer support departments, and corporate sales departments, and implementing security measures in business units.

- Conducting regular assessments to meet Ministry of Internal Affairs and Communications requirements, supporting the implementation of findings, and preparing regular reports for the CEO of Rakuten Mobile by the Head of Information Security Promotion.
- Leading the creation of regular and ad-hoc employee education content and presenting at Rakuten Group/Rakuten Mobile morning meetings/ASAKAI.

Mandatory Qualifications:

- Excellent communication skills to effectively collaborate with diverse teams and stakeholders.

- Over 7 years of experience in information security or internal information systems management.

- Experience in implementing and operating security solutions in collaboration with internal IT departments or security vendor.

- Understanding of industry-specific regulatory documents (finance, telecommunications, etc.) and experience in formulating and implementing security measures in response.

- Experience in incident management either as information Security section or Security Vendor

- Native-level Japanese proficiency.

- English proficiency: TOEIC score of 800 or above.

Desired Qualifications:

- Experience in planning and operating information security awareness initiatives for employees.

- Holding a security professional certification (CISSP) or Information Processing Security Support Specialist certification.

- Experience in implementing information security standards and frameworks such as ISO/IEC 27001, NIST CSF, PCI-DSS.

- Security certifications related to public cloud vendors such as AWS, GCP, Microsoft Azure.

#technologymanagementdivision
#informationsecurity #privacygovernance

Languages:

English (Overall - 3 - Advanced), Japanese (Overall - 4 - Fluent)