Information Governance Specialist/Domestic Group Company Support of Communication and Energy Company - Information Security Enablement Section, Information Security & Privacy Governance Department (ISPD)

Job Description:

Business Overview

The Technology Management Division (TMD) provides Corporate IT, and Cyber Security & Privacy Governance to Rakuten Group companies and essential business management for technology organizations, thereby enabling innovation and strengthening the technology foundation. Within TMD, the Corporate IT Supervisory Department (CITD) drives Rakuten Group’s global corporate IT services and infrastructure. Our mission is to empower Rakuten through innovative and secure IT solutions that enhance efficiency and foster productivity.

Department Overview

The Information Security & Privacy Governance Department (ISPD) enables and accelerates business growth by establishing, maintaining, and enhancing robust information security, privacy, data, and AI governance frameworks across the Rakuten Group. We ensure Rakuten's global operations are secure, compliant, and innovative by adhering to regulatory requirements, providing comprehensive employee training, strategically managing data assets, and governing AI responsibly.

Position:

Position Details

This is a highly rewarding position where you can implement and monitor information security governance measures across both headquarters and group companies within the telecommunications business, which is one of Rakuten Group's core businesses.
 

Responsibilities:

- Create and revise information security policies for assigned group companies, as well as deploy and support these policies, primarily to domestic departments.

- Implementation of IOS/IEC27001 certification activities in collaboration with the headquarters team.

- Security incident management (primarily for domestic businesses: analyzing post-incident reports and promoting recurrence prevention) and creating regular and emergency reports for executives.

- Participation in the vendor security management process (responding to inquiries, and improvement activities).

- Providing information security training to employees of assigned group companies.

- Responding to information security-related inquiries from group company employees.

Mandatory Qualifications:

- Experience communicating with internal and external users or business partners through explanations and responding to inquiries.

- 5+ years of experience in information security operations or project experience including information security elements.

- Basic knowledge of IT infrastructure (TCP/IP, networks, servers, authentication, directory services, endpoint management).

- Passing the Information Security Management Examination (IPA SG) or equivalent knowledge.

Desired Qualifications:

- Certified Information Systems Security Professional (CISSP) certification.

- Information Security Specialist (IPA) certification.

- Experience and knowledge of ISMS ISO/IEC27001 certification activities.

- Experience in building and operating on public cloud services.

- Knowledge of Mobile Device use for Business.

Other Information:
English Language Requirement:

- Business Level English (TOEIC 800 or above)

- Japanese Language Requirement: Native

#corporate
#informationsecurity #privacygovernance

#technologymanagementdivision