【Dev】Expert Security Engineer
Estimated annual income: 7.5 to 12 million yen
職種
ITエンジニア【システム開発・SE・インフラ】
Type: Engineer
場所:Tokyo
■Resume and work history written in Japanese are required.
■We are a recruitment agency conducting this recruitment on behalf of the companies seeking employees.
■Japanese N1 required.
■Required:
Must have both of the following skills and experience
Experience in security-related work
Experience working as a software engineer
Employment Type
Full-time employee
Job Description
This position will be responsible for the following duties to enhance security
Security consulting to internal ◾️
Provide technical advice and reviews from a security perspective to internal development engineers.
Recommend security best practices and provide technical support.
◾️Vulnerability Assessment and Penetration Testing
Perform vulnerability assessments and penetration tests on VisaScu's products, and when security holes or vulnerabilities are found, review and implement countermeasures.
◾️Vulnerability Information Collection, Verification and Awareness
We collect and verify vulnerability information. We will share information on new vulnerabilities internally and promote internal educational activities to raise security awareness.
Implement and maintain security guardrails for ◾️ cloud environment
Responsible for implementing and subsequently maintaining security guardrails in the cloud environment (GCP / Azure). Apply cloud security best practices to ensure highly secure operations.
Execute measures in line with ◾️CIS Controls
Executes the organization's security measures in accordance with CIS Controls. Develop and implement specific action plans to enhance security.
◾️Countermeasures for Security Incidents and Response to Incidents
Implement countermeasures in the event of a security incident and respond quickly and effectively. Post-incident analysis and improvement of response measures will also be considered.
Depending on your skills and experience, you may also be offered the following roles as a CISO candidate
◾️Building a security team (CSIRT) and managing the team
◾️Development and execution of company-wide information security/strategy including overseas subsidiaries
◾️Development of product security roadmap/strategy planning/execution for the entire company including overseas subsidiaries
Organize governance through ◾️JSOX, etc.
