@mercari | Mercari Japan
Created a year ago (Last Update: 6 months ago)
Security Management Specialist - Merpay/Mercoin, Japan
Gathered from company career pages. For the latest details, see the company's site. For updates to this page, contact us at contact@japanjobspace.com
💚 24 people viewed
Security Management Specialist - Merpay/Mercoin in Tokyo, Japan
Team mission:
As a Security Management Specialist, your role will involve collaborating with various teams within Merpay, Mercoin, and Mercari to establish a comprehensive company-wide security and compliance framework. Your responsibilities will encompass designing and executing new policies, as well as formulating and implementing security measures in alignment with security standards and frameworks. The objective is to reduce security risks and foster a shift in employee attitudes towards security awareness and practices.
(Learn more about Mercari's mission and values here.)
Note: Your assignment to either Merpay or Mercoin will be decided following the selection process.
Specific work responsibilities include the following:
As a Security Management Specialist, your core responsibilities will encompass:
- Building and evaluating information security management systems and promoting the adoption of information security measures.
- Providing expert advice to other teams as an internal authority on security risks and compliance matters.
- Establishing and revising internal regulations related to information security.
- Overseeing and executing information security programs to ensure alignment with regulatory requirements.
- Designing and constructing information security processes, documenting them comprehensively, and enhancing existing security processes.
- Planning and executing internal education programs and other initiatives related to information security to raise awareness and skills across the organization.
- Managing security aspects concerning the use of external vendors and services.
- Monitoring, testing, and handling incident responses in relation to information security to ensure the security of systems and data.
In this role, you will be expected to:
- Develop a security governance framework that is aligned with the fast-paced nature of business operations.
- Formulate cutting-edge security standards suitable for a cloud-native environment, ensuring that security is a priority in this context.
- Embrace new challenges within the rapidly evolving landscape of the growing business, adapting to changes as they occur.
- React promptly to various fintech-related laws, regulations, and requirements, collaborating with relevant government ministries and agencies to ensure compliance and security in this highly regulated sector.
We are looking for candidates who share a common belief in the mission and values of the Mercari Group and its affiliate companies. Additionally, the ideal candidate should possess the following qualifications and skills:
- Experience in managing information security tasks as outlined in the Work Responsibilities section.
- A fundamental understanding of public cloud platforms, including Google Cloud, AWS, and Microsoft Azure.
- Strong communication skills, allowing for effective coordination and consensus-building with colleagues of varying skill levels and interests.
- The ability to identify and address issues within the existing setup, including root cause analysis and problem resolution.
- Basic knowledge of IT infrastructure components, such as TCP/IP, networks, servers, authentication, directory services, and endpoint management.
In addition to the qualifications and skills mentioned earlier, candidates are encouraged to have the following:
- Proficiency in business communication in English, with conversational or higher-level skills being preferred.
- An internationally recognized information security certification, such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CISA (Certified Information Systems Auditor).
- Previous experience working in information security management within an industry or company subject to regulation by the Financial Services Agency.
- Knowledge of and experience with systematized security frameworks, including but not limited to FISC-based internal controls, ISO 27001, CIS Controls, or NIST SP 800-171.
- Past involvement in team management and project management.
- A basic understanding of security management tools, which may include SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), EDR (Endpoint Detection and Response), CASB (Cloud Access Security Broker), among others.
- Familiarity with generative AI (Artificial Intelligence) and LLM (Legal Tech Language Models) can be advantageous in addressing emerging security challenges.
- Fits Mercari Group’s culture
(See this page for details.)
- English: Independent (CEFR - B2) preferred.
- Japanese:Proficient (CEFR - C1) required
* For details about CEFR, see here
- Exclusive: Mercari CEO Shintaro Yamada on What Makes an “Organization and Its People” a Truly Strong Combination (only available in Japanese)
- An Interview with Our New CFO and Full-time Auditor: What a Developing Mercari Needs to Become a Globally Competitive Organization (only available in Japanese)
- Protecting Mercoin’s Reliability: The Future as Seen by Managers of Security, IT Risk, and Corporate IT (only available in Japanese)
- Mercari Publishes Statistics on Usage of Its New Normal Work Style “Your Choice” (only available in Japanese)
Employment Status
Full-time
The probationary period at our company lasts for the initial three months after joining. During this probationary period, your contract conditions will be identical to those of a permanent employee.
Office
Roppongi
- We have a strict no-smoking policy within our office premises.
- At Mercari, we have implemented a work style policy called "Your Choice." This policy grants each team member the autonomy to decide whether they prefer to work in the office or opt for full remote work, with certain exceptions made for specific job roles.
Work Hours
- Full flextime (no “core time” or “flex time”).
- *Does not apply to all positions
Holidays
- Two days off per week (as well as national holidays, New Year's break, etc.).
- Paid leave, congratulatory and bereavement leave, relax days, sick leave
Salary
- Annual salary paid in 12 monthly installments (including fixed overtime allowance).
- Based on skills, experience, and abilities.
- Reviewed twice a year
Benefits
- Complete health and social insurance.
- Incentive program.
- Support systems, including those that benefit the employee’s family members
Support
- Relocation support.
Circulate all forms of value to unleash the potential in all people
"How can I contribute to society's prosperity given our limited resources?" This question served as the inspiration for the creation of the Mercari marketplace app in 2013 by our founder, Shintaro Yamada, during his travels around the world. We firmly believe that by facilitating the circulation of various forms of value, extending beyond physical items and money, we can open doors for individuals to pursue their aspirations and make positive contributions to society and those in their proximity. Mercari is committed to leveraging technology to connect people across the globe, ultimately striving to build a world where everyone can unlock their full potential. For more details on Mercari Group's mission, please refer to Mercari's Culture Doc.
Equal Opportunity Hiring
At Mercari, our mission is to build a world where no one's potential is constrained by their background, and where everyone has the liberty to generate value. We strongly emphasize that fostering a culture of Diversity & Inclusion is integral to realizing our mission.
This principle naturally extends to our hiring procedures. Mercari is dedicated to eradicating discrimination based on attributes such as age, gender, sexual orientation, race, religion, physical abilities, and other similar factors. Our objective is to ensure that individuals who resonate with our mission and values can become part of our team, regardless of their personal backgrounds. For more detailed information, please refer to our D&I Statement.