Security Engineer at Rakuten (Tokyo, Japan)

Description: 


  • Position Summary:

    Security and safety of the Internet services of Rakuten Group are guaranteed by the Cyber Security Defense Department, the core of Rakuten-CERT. We cover all aspects of the SDLC and operation security for the services developed inside Rakuten Group.


    As an intermediate member of the security team, you will be challenged to various projects in different aspect of security while working with other peer engineers. Expected tasks ranging from but not limited to finding security vulnerabilities, writing scripts to automate security tasks, enhance the network security of our infrastructure, provide security design and review consultations.
     

    Responsibilities:



    • Partner development teams and project/product managers to build and deliver secure services

    • Perform system requirements / system design review on systems inside the Rakuten ecosystem

    • Evaluate and integrate security software solutions

    • Perform technical analysis, testing or demonstrate the security threats in simple POC

    • Join projects and create security related guidelines, policies and regulations



    Minimum Qualifications:


    • Around 3 years of experience in development related fields, such as Security Engineer/Consultants, System Administrators, Web/Mobile Developers

    • Understanding of the core concepts of web/mobile application and security issues

    • Proficient in one or more scripting languages, ex: Python, Ruby

    • Proven knowledge in network and web application protocols
       


    Preferred Qualifications:



    • Experience in Web/Mobile application development

    • Experience in using major web frameworks

    • Experience in Web/Mobile Penetration Testing and/or Vulnerability Assessment

    • Experience with at least one major commercial cloud environment

    • Experience in working with SIEM and/or participated in Incident Response projects

    • Experience in a diverse workplace, and work well in a team environment

    • Holder of any security related certifications, ex: Security+, GIAC, OSCP/OSCE, SSCP

    • Strong verbal and written communications skill

    • Strong ownership and sense of responsibility