Information Security Governance Specialist - Information Security Enablement Section, Information Security & Privacy Governance Department (ISPD)

Job Description:

Business Overview

The Technology Management Division (TMD) provides corporate IT, cyber security, and privacy governance to Rakuten Group companies and essential business management for technology organizations, thereby enabling innovation and strengthening its technology foundation. Within TMD, the Information Security Supervisory Department (ISSD) combines proactive cyber defense with strategic information security, privacy, and data governance to protect the company’s global assets and data.

Department Overview

The Information Security & Privacy Governance Department (ISPD) enables and accelerates business growth by establishing, maintaining, and enhancing robust information security, privacy, data, and AI governance frameworks across the Rakuten Group. We ensure Rakuten's global operations are secure, compliant, and innovative by adhering to regulatory requirements, providing comprehensive employee training, strategically managing data assets, and governing AI responsibly.

Position:

Position Details

Primary Duties of Information Security Enablement Section

- Responding to and managing Rakuten Group information security incidents, planning countermeasures, and promoting their implementation with corporate and business divisions.

- Reporting incident countermeasure status and statistical information to the Group CISO at the Group Information Security & Privacy Committee.

- Creating and distributing information security education content for internal and external users (primarily for cyberattack countermeasures).

- Managing the implementation of email security measures (DMARC/BIMI) for services across the Rakuten Group globally.

- Supporting the implementation of information security governance in Rakuten Group companies (primarily for sports businesses).

Main Responsibilities

- Responding to and managing Rakuten Group information security incident reports.

- Leading the creation of reports for the Group Information Security & Privacy Committee, the CISO, and the Department Head.

- Leading cross-departmental activities and managing their output, as instructed by the Department Head.

- Managing the implementation of email security measures (DMARC/BIMI) for services across the Rakuten Group globally.
 

Mandatory Qualifications:

- Excellent communication skills to effectively collaborate with diverse teams and stakeholders.

- Experience in information security or internal information system management.

- Experience in introducing and operating security solutions in collaboration with internal IT departments.

- Experience in planning and operating information security awareness initiatives for employees and Rakuten Service Users.

- Japanese language proficiency: Native level.

- English: TOEIC Score 800 above or posses equivalent abilities.

Desired Qualifications:

- Holder of security professional certifications (CISSP) or Information Technology Specialist in Information Security Management.

- Experience in information security incident management.

- Experience in introducing information security standards and frameworks such as ISO/IEC 27001, NIST CSF, PCI-DSS.

- Security certifications related to public cloud vendors such as AWS, GCP, Microsoft Azure.

#business #informationsecurity #privacygovernance #technologymanagementdiv