Product Security Engineer, Cloud & DevSecOps - Cyber Security Defense Department (CSDD)

Job Description: Business Overview The Technology Management Division (TMD) provides corporate IT, cyber security, and privacy governance to Rakuten Group companies and essential business management for technology organizations, thereby enabling innovation and strengthening its technology foundation. Within TMD, the Information Security Supervisory Department (ISSD) combines proactive cyber defense with strategic information security, privacy, and data governance to protect the company’s global assets and data. Department Overview The Cyber Security Defense Department (CSDD) is responsible for safeguarding all Rakuten companies and users from cyber threats, ensuring the security and integrity of Rakuten Group's global internet services. We oversee all aspects of both Secure Development and Security Operations for services developed within the group, with dedicated security teams and operation centers strategically located in key regions worldwide. Position: Why We Hire Team expansion due to the increased demand for the work and the scope expansion. Position Details As a member of the Cyber Security Defense Department (CSDD), you will be responsible for leading and executing security operations for Rakuten products that support the Rakuten Ecosystem. In this role, you will work closely with product development teams as well as internal and external stakeholders to ensure the implementation and operation of necessary security controls based on best practices. By providing comprehensive security support across all phases of the software development lifecycle (SDLC), from initial design through ongoing operations, you will play a critical role in strengthening the security posture of our products and enabling business success. Responsibilities - Lead and execute product security operations for Rakuten products, including secure development consultation, DevSecOps integration, and vulnerability management - Lead the optimization and operation of security posture management across Rakuten’s cloud infrastructure - Work closely with product development teams to integrate security controls throughout the product lifecycle - Collaborate with internal and external stakeholders to ensure security requirements are met and maintained - Provide end-to-end security support across all phases of the SDLC, from initial design through ongoing operations - Support product teams by providing expert security guidance and practical solutions - Continuously gather and apply threat intelligence to help products address emerging threats and vulnerabilities Mandatory Qualifications: - Bachelor's degree in computer science, information security, or a related field - 3+ years of hands-on experience in application vulnerability assessment and network penetration testing, or equivalent practical knowledge - Experience in using, administering, and automating cloud security and vulnerability management infrastructure - Experience in programming with one or more languages, such as Java, PHP, Python, and JavaScript - Familiarity with vulnerability management and incident response processes - Familiarity with DevSecOps best practices and SDLC - Strong teamwork skills and the ability to communicate with stakeholders in a diverse environment - Strong sense of ownership and problem-solving skills Desired Qualifications: - Master's degree in computer science, information security, or a related field - Experience in using and administering enterprise security testing solutions such as SAST, DAST, and SCA - Experience in using and administering cloud infrastructure security solution such as CSPM, CWPP and CIEM - Experience in team development with DevOps and CI/CD tools such as GitHub Actions, Jenkins, and Terraform - Familiarity with cloud-native technologies, such as containers, Kubernetes, and microservices - Relevant certifications such as OSCP, OSWE, GPEN, and GCSA - Proficiency in business-level Japanese and English #engineer #securityengineer #technologymanagementdiv Languages: English (Overall - 3 - Advanced) In Japanese, Rakuten stands for ‘optimism.’ It means we believe in the future. It’s an understanding that, with the right mind-set, we can make the future better by what we do today. So we challenge ourselves to evolve, innovate and experiment, to create a better, brighter future for everyone. Today, our 70+ businesses span e-commerce, digital content, communications and fintech, bringing the joy of discovery to almost 1.3 billion members across the world. If you have any trouble logging in, please contact us here Rakuten Group, Inc.: rakuten-recruiting-info@mail.rakuten.com Please read the Application Requirements(EN) / 募集要項(JP) before applying. Our Diversity & Inclusion Policy and Application Documents Rakuten’s corporate mission is to “contribute to society by creating value through innovation and entrepreneurship.” We foster a culture that provides equal opportunities to those who share this founding philosophy and take on the challenge to transform society, regardless of age, gender, nationality, or any other status. Diversity is one of Rakuten's core strategies and a driving force for innovation. Because of this, you are not required to submit any of the following information in order to apply for our job positions. - Gender - Age - Photo - Nationality - Information not related to business, such as ideological beliefs, family structure, etc. * For legal compliance, we may ask you about your work eligibility. See the details