Job Description:
Department Overview
The Information Security & Privacy Governance Department (ISPD) enables and accelerates business growth by establishing, maintaining, and enhancing robust information security, privacy, data, and AI governance frameworks across the Rakuten Group. We ensure Rakuten's global operations are secure, compliant, and innovative by adhering to regulatory requirements, providing comprehensive employee training, strategically managing data assets, and governing AI responsibly.
Position:
Position Details
Primary Duties of the Information Security Enablement Section:
- Responding to and managing Rakuten Group information security incidents, planning countermeasures, and promoting their implementation with corporate and business divisions.
- Reporting incident countermeasure status and statistical information to the Group CISO at the Group Information Security & Privacy Committee.
- Creating and distributing information security education content for internal and external users (primarily for cyberattack countermeasures).
- Managing the implementation of email security measures (DMARC/BIMI) for services across the Rakuten Group globally.
- Supporting the implementation of information security governance in Rakuten Group companies (primarily for sports businesses).
Main Responsibilities of this position:
- Setting and managing KPIs for this section in line with departmental goals, in collaboration with the Senior Manager.
- Leading the creation of reports for the Group Information Security & Privacy Committee, the CISO, and the Department Head.
- Leading cross-departmental activities and managing their output, as instructed by the Department Head.
- Leading programs to share activity content with the CISO community.
Mandatory Qualifications:
- Excellent communication skills to effectively collaborate with diverse teams and stakeholders.
- 7+ years of experience in information security or internal information system management.
- Experience in introducing and operating security solutions in collaboration with internal IT departments.
- Experience in information security incident management.
- Experience in planning and operating information security awareness initiatives for employees and Rakuten Service Users.
- Japanese language proficiency: Native level.
- English: TOEIC score of 800 or higher.
Desired Qualifications:
- Holder of security professional certifications (CISSP) or InformationTechnology Specialist in Information Security Management.
- Experience in introducing information security standards and frameworks such as ISO/IEC 27001, NIST CSF, PCI-DSS.
- Security certifications related to public cloud vendors such as AWS, GCP, Microsoft Azure.
#corporate
#informationsecurity
#privacygovernance
#technologymanagementdiv