Job Description:
Business Overview
The Technology Management Division (TMD) provides Corporate IT, and Cyber Security & Privacy Governance to Rakuten Group companies and essential business management for technology organizations, thereby enabling innovation and strengthening the technology foundation.
Department Overview
The Information Security & Privacy Governance Department (ISPD) enables and accelerates business growth by establishing, maintaining, and enhancing robust information security, privacy, data, and AI governance frameworks across the Rakuten Group. We ensure Rakuten's global operations are secure, compliant, and innovative by adhering to regulatory requirements, providing comprehensive employee training, strategically managing data assets, and governing AI responsibly.
The Information Security Management Office oversees information security governance within the Group. It is responsible for establishing regulations related to Rakuten Group's information security governance, supporting implementation for development and business departments, monitoring, and employee training.
Position:
Why We Hire
The Information Security Policy Group is responsible for formulating Rakuten Group Information Security Regulations and Rakuten Group, Inc. Information Security Policies, which are under the jurisdiction of the Group CISO. As Vice Manager of the Information Security Policy Group, you will assist the Group Manager in planning, formulating, drafting, and formalizing security policy guidelines.
This role also involves pre-coordination with relevant departments and group companies during policy formulation, as well as providing explanations and commentary for the operation of formalized policies.
This is a critical position at the core of group information security governance, responsible for concretizing various security requirements while considering global standards, industry standards, and technical feasibility.
Position Details
Responsibilities:
- Formulate and maintain Rakuten Group Regulations, and Rakuten Group, Inc. Information Security Policies and related policies, including those pertaining to AI.
- Gather requirements through regular communication with relevant departments and individual group companies, and execute and manage the formalization process.
- Obtain information on industry trends and regulatory changes related to information security and share it with the CISO community.
- Prepare reports for the Rakuten Group CIO, CISO, and management meetings, to be presented by the Head of the Information Security & Privacy Governance Department.
- Program management for executing the above roles as a team, or personally taking charge of these responsibilities.
- Assist in the operation of the Information Security Policy Group.
Mandatory Qualifications:
- 5+ years of experience in planning or implementation management of information security, internal information systems, or information systems for internet service provision.
- 3+ years of experience in formulating internal regulations such as information security or IT governance.
- 3+ years of experience in a support role for management, such as a group leader.
- English Requirement: Business Level (TOEIC 800 or higher)
- Japanese Requirement: Native
Desired Qualifications:
- Certified Information Systems Security Professional (CISSP) qualification or Information Technology Engineer Examination (IPA) qualification.
- Experience and knowledge regarding ISMS ISO/IEC 27001 certification activities.
- Experience in building and operating on public cloud services, or holding AWS, GCP, or Microsoft certifications.
#business
#informationsecurity #privacygovernance
#technologymanagementdiv