Information Security Specialist - Information Security Management Office, Information Security & Privacy Governance Department (ISPD)

Job Description:

Department Overview

The Information Security & Privacy Governance Department is a division of the Technology Management Division, which serves as a shared technical department for the Rakuten Group.

As a member of the Information Security Management Office - ISMS Operation & Support Group , you will contribute to improving the information security of the Rakuten Group's global organization through the operation and management of ISMS (Information Security Management System). In this position, you will play a role in implementing security frameworks such as  ISO/IEC 27001, conducting risk assessments, and promoting information security awareness activities. Additionally, you will support the global rollout of ISMS, working in collaboration with overseas offices and diverse teams to standardize and strengthen the security framework across the Rakuten Group.

Position:

Position Details

As a member of the ISMS Office, you will be responsible for the following tasks:

ISMS Operation and Management

- Conduct ISMS operational activities and respond to external audits to maintain the Information Security Management System based on  ISO/IEC 27001.

Risk Assessment
- Identify, evaluate, and plan/implement countermeasures for information security risks.

- Propose technical measures to prevent information security incidents.

Security Awareness Activities
- Plan and implement internal information security education and training.

- Create e-learning content and promote initiatives to raise awareness of information security.

Support for Global ISMS Rollout

- Collaborate with overseas offices and diverse teams to support the introduction and deployment of ISMS.

- Participate in regular meetings with global teams and manage progress.

Collaboration with Other Departments
- Work with other departments and group companies to propose and implement solutions to security issues.
- Understand the characteristics of services and operations to implement appropriate security measures.

Mandatory Qualifications:

- Over 3 years of practical experience in information security management system (ISMS).

- Knowledge of  ISO/IEC 27001 and other information security frameworks.

- Basic IT knowledge related to computers and networks.

- Excellent communication skills to effectively collaborate with cross-functional teams and diverse departments.
- English: Business-level proficiency (TOEIC score of 800+).

- Japanese: Native-level proficiency.

Desired Qualifications:

- Possession of information security-related certifications (e.g., Registered Information Security Specialist (IPA), CISSP, CISA, CompTIA Security+).
- Experience in the development and maintenance of web applications, databases, and networks.

- Experience in building and operating public cloud services.

- Proficiency in using MS Office 365 (Excel, PowerPoint, Teams), Confluence, JIRA, and ZOOM.

- Knowledge of and experience in responding to information security laws and regulations in various countries.
 

Other Information:

Ideal Candidate Profile:

A person with a strong sense of responsibility and awareness of information security, who actively tackles challenges. A person with a global perspective who can work in a multicultural environment. Someone eager to continuously learn new technologies and knowledge.

#corporate

#informationsecurity #privacygovernance

#technologymanagementdiv

Languages:

English (Overall - 3 - Advanced), Japanese (Overall - 4 - Fluent)