Job Description:
Business Overview
Rakuten General Insurance Co., Ltd. is a non-life insurance company within the Rakuten Group, Inc., seriously aiming to become the industry leader in auto insurance.
We offer unique services that maximize the strengths of Rakuten Ecosystem, such as seamless procedures through Rakuten ID integration, insurance premium structures that allow customers to earn and use Rakuten Points, and AI-powered accident response.
We are looking for teammates who want to take on challenges together and create new history by fully leveraging the synergies of the Rakuten Group, Inc.
Department Overview
In the insurance industry, the role and expectations placed on IT are growing increasingly significant. Within the IT Planning Department, we provide comprehensive support for Rakuten General Insurance Co., Ltd.'s business by executing, promoting, and managing the progress of development projects.
Furthermore, as a non-life insurance company within Rakuten Group, Inc. we play a vital role in providing security and peace of mind to Rakuten members through collaboration not only with other insurance group companies (such as Rakuten Life Insurance Co., Ltd.) but also with various other companies and services across Rakuten Group, Inc.
Position:
Why We Hire
Cybersecurity threats are evolving daily, and to counter them, it is essential to constantly acquire the latest knowledge and technologies while deepening our expertise. At our company, we have established an environment where cybersecurity knowledge is shared across the entire organization, enabling continuous skill development.
We are currently seeking individuals with deep knowledge and practical experience in the field of cybersecurity to further strengthen our organizational capabilities and pursue greater expertise. We welcome professionals who are ready to go beyond routine operations and engage in a wide range of tasks-including analyzing the latest threat trends, designing security architectures, and strengthening our incident response framework-to elevate our cybersecurity posture to the next level.
Position Details
You will collaborate with Rakuten Group, Inc. and various companies within the Rakuten FinTech Group to strengthen our cybersecurity posture and execute initiatives that support our growth strategy. Your primary responsibilities will include:
- Security Policy & Regulation Development: Reviewing and improving internal security policies and regulations based on the latest threat landscapes and regulatory requirements
- Vulnerability Management: Planning and conducting vulnerability assessments for systems and applications, evaluating results, and driving remediation efforts
- Security Architecture Design & Evaluation: Supporting security requirement definitions and architectural design for new system implementations or existing system updates, as well as conducting security evaluations
- Risk Assessment & Management: Conducting company-wide cyber risk assessments, evaluating risks, prioritizing countermeasures, and driving risk mitigation strategies
- Security Tool Implementation & Operation: Selecting, implementing, configuring, and managing the operation of various security tools
Work Environment
Information Technology Division is composed of two teams, the IT Development Department and the IT Planning Department, with a total of 34 permanent employees. We also work with approximately 50 to 100 contractors from partner companies who primarily handle development tasks. 80% of our permanent employees joined us mid-career. Many come from outside the non-life insurance industry, so we provide full support for those without prior industry experience.
In our private cloud environment within the Rakuten Group, we utilize Linux servers, containers (Kubernetes), and Windows servers.
Mandatory Qualifications:
- Practical experience in cybersecurity (approx. 5 years preferred)
- Fundamental knowledge of information security (Information Security - Management Systems (ISMS), types of threats, countermeasure technologies, etc.)
- Experience in security incident response (initial response, situational awareness, information sharing, etc.)
- Practical experience in vulnerability management (conducting/managing vulnerability assessments and driving remediation)
- Experience in understanding and applying security policies and guidelines
Desired Qualifications:
- Experience in information security operations within a financial institution
- Registered Information Security Specialist (RISS) and Information security-related certifications (e.g., Registered Information Security Specialist, CISSP, CISM, CISA)
- Experience in implementing and operating specific security products (e.g., SIEM, EDR, WAF, etc.)
- Experience in handling information security audits
- Experience in security-related project management
- Experience in planning and conducting information security training and awareness programs
Other Information:
Additional information on Location
NBF Shinagawa Tower
Additional information on Secondment
This position is a seconded position from Rakuten Group, Inc. to Rakuten General Insurance Co., Ltd.
#engineer #securityengineer #fintechgroup #RakutenGeneralInsurance