Security Operations Center Analyst

Job Description

Summary of the overall purpose of the role.

  • Provide technical and process-related solutions and guidance to other members of the Cyber SOC Team.
  • Demonstrate continual improvement in Cyber Security KPIs despite increases in scope.
  • Understand and accept the technical requirements from Leadership and Stakeholders and provide the desired solution with little or no supervision.
  • Participate in regular meetings with various technical teams and vendors to discuss operational issues and understand new features that could be rolled out to improve the cyber security posture of Rakuten.
  • Analyze, document and report on potential security incidents identified in Rakuten environments.
  • Work with partners and security vendors to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets.
  • Act as a Security Champion: address security-related gaps and identify opportunities to strengthen cyber security from the current state to the desired state.
  • Provide analysis on various security enforcement technologies including, but not limited to, SIEM (Azure Sentinel preferred), Next Gen EDR (CrowdStrike preferred), content filtering/reporting, malware prevention, firewalls, intrusion detection systems, web application and DLP solutions.
  • Incorporate best practices from well-recognized standards and frameworks: OWASP, NIST, MITRE's ATT&CK methodology, etc.

KEY TASKS AND ACCOUNTABILITIES

The key actions and accountabilities of the role on both a transactional/operational and strategic level are listed below.

  • Provide hands-on L3 assistance to the rest of the team on various cyber security issues and be a single point of contact for management of the current security infrastructure.
  • Watch for emerging trends in the cyber security space and pursue continual improvement in the cyber security posture of Rakuten.
  • Uplift network security monitoring and incident response for the Rakuten SOC in a 24x7 environment, with monitoring via SIEM, IDS and endpoint security.
  • Ensure the email security gateways are configured and updated with heightened cyber security features and rules.
  • Look for opportunities to automate repeated tasks. Coordinate and collaborate on such automation tasks with the extended team in other countries.
  • Participate in regular meetings with Rakuten Security Engineering to innovate and introduce heightened security detection rules.
  • Maintain meticulous records of security monitoring and incident response activities.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
  • Assist with implementation of proactive countermeasures or mitigating controls using a threat intel/hunting approach.
  • Create and maintain Standard Operating Procedures and other similar documentation.

COMPETENCIES, QUALIFICATIONS, EXPERIENCE, SKILLS

Please list the following requirements

  • Bachelor's degree in computer science, IT, electronics or a related field.
  • 5-8 years of global cyber security experience, including but not limited to SOAR, SIEM, NextGen EDR, threat monitoring and incident response.
  • Desirable certifications include OSCP, GIAC.
  • Ability to work in a multinational and multicultural environment.
  • Ability to build trust through fairness and honesty.

Skills

  • Cyber Security
  • Malware Analysis
  • SIEM
  • Event Management
  • Security Operation Center (SOC)
  • Web Application Firewalls

Education

  • Master's Degree
  • Bachelor's Degree

Job Information

Job Posted Date

Aug 21, 2024

Experience

5 to 9 Years

Compensation (Annual in Lacs)

Best in the Industry

Work Type

Permanent

Type Of Work

8 hour shift

Category

Information Technology
