Mercari
Enterprise Security Engineer
ã³ãŒãã¬ãŒãã»ãã¥ãªãã£ãšã³ãžãã¢
Tags: Full-time, 4~5 YOE, Business Japanese
Minato City, Tokyo, Japanã»Fetched 30+ days ago
Job Description
Team: Information Technology
JD in English follows. åæã®åŸã«è±æJDãã芧ããã ããŸãã
Enterprise Security Engineer(ã³ãŒãã¬ãŒãã»ãã¥ãªãã£ãšã³ãžãã¢) â Mercari
- éçšåœ¢æ ïŒæ£ç€Ÿå¡
- åãæ¹ïŒãã¬ãã¯ã¹ã¿ã€ã å¶ïŒã³ã¢ã¿ã€ã ãªãã»ãã¬ãã·ãã«ã¿ã€ã ãªãïŒã
- å€åå°ïŒå
æ¬æš
詳现ã¯ãã£ãªã¢ãµã€ãã®åéèŠé ããã確èªãã ãã
https://careers.mercari.com/recruitment-selection/#section3ãã
ã¡ã«ã«ãªã°ã«ãŒãã«ã€ããŠ
ãããã䟡å€ã埪ç°ããããããã人ã®å¯èœæ§ãåºãã
ãå°çè³æºãéãããŠãããªããããè±ããªç€ŸäŒãã€ããããã«äœãã§ããããã2013幎ãåµæ¥è ã®å±±ç°é²å€ªéãäžçäžåšã®æ ã§æ±ãã課é¡æèãããããªãã¢ããªãã¡ã«ã«ãªãã¯çãŸããŸãããç§ãã¡ã¯ãç©ççãªã¢ãããéã«éãããããã䟡å€ã埪ç°ãããããšã§ã誰ããããããããšãå®çŸãã人ã瀟äŒã«è²¢ç®ããããã®éžæè¢ãå¢ããããšãã§ãããšä¿¡ããŠããŸãã
ãã¯ãããžãŒã®åã§äžçäžã®äººã
ãã€ãªãããããã人ã®å¯èœæ§ãçºæ®ãããäžçãå®çŸããŠãããŸããã¡ã«ã«ãªã°ã«ãŒãã®ç®æãã¹ãæ¹éã«ã€ããŠã¯ Mercari Culture Doc ãã芧ãã ããã
çµç¹ã»ããŒã ã®ããã·ã§ã³
- Mercari Engineering Principles
Mercari Engineering Principles ã¯ãã¡ã«ã«ãªã®ãšã³ãžãã¢ãªã³ã°çµç¹ã«ããã信念ãè¡åã®åºç€ãšãªãå ±éèªèãææåãããã®ã§ãã¡ã«ã«ãªã®ã¡ã³ããŒå šå¡ãå ±æããMissionãValueãCultureããšã³ãžãã¢ãªã³ã°ã®èŠç¹ããè£å®ãããã®ãšãªããŸãããããã®Principlesã¯ãç§ãã¡ãé·æçã«å®çŸããããšããçæ³çãªå§¿ãå®çŸ©ããããšã§ãæçµçã«ã¡ã«ã«ãªã®ããã·ã§ã³ãéæããããã«æŽ»çšããŠãããŸãã
- Passion For The Product
- Grow Together
- Solve Through Mechanisms
- Collaborate Openly
詳现ã«ã€ããŠã¯ãšã³ãžãã¢ãªã³ã°ã«ã«ãã£ãŒ ãã芧ãã ãã
https://engineering.mercari.com/culture/ ã
ã³ãŒãã¬ãŒãã»ãã¥ãªãã£ãšã³ãžãã¢ãšããŠãã³ãŒãã¬ãŒããšã³ãžãã¢ããŒã ããããã¯ãéçºããŒã ãšç¶¿å¯ã«é£æºããã¡ã«ã«ãªã°ã«ãŒãããªãŒãããŠããã ããŸããå
·äœçã«ã¯ãã³ãŒãã¬ãŒãITç°å¢ã«å¯Ÿãããªã¹ã¯è©äŸ¡ãã»ãã¥ãªãã£å¯Ÿçã®èŠä»¶å®çŸ©ãªã©ã®äžæµå·¥çšããããœãªã¥ãŒã·ã§ã³å°å
¥ãéçšãªã©ã®äžæµå·¥çšãŸã§å€å²ã«ããããŸããå¹
åºãæ¥åã«æºãããªãããITç°å¢å
šäœã®ã»ãã¥ãªãã£åŒ·åãæšé²ãããŒããã©ã¹ãã¢ãŒããã¯ãã£ãŒã®å®çŸã«è²¢ç®ããŠããã ããŸãã
ã¡ã«ã«ãªã®ããã·ã§ã³ã»ããªã¥ãŒã«ã€ããŠã®è©³çŽ°ã¯ãã¡ããã芧ãã ãã
https://careers.mercari.com/culture/
æ¥åå 容
- ITç°å¢ã«é¢ãããªã¹ã¯è©äŸ¡ãšã»ãã¥ãªãã£æŠç¥ã®çå®
- è åšã¢ããªã³ã°ãéããŠITç°å¢ã®ã»ãã¥ãªãã£ã«é¢ãããªã¹ã¯è©äŸ¡
- ITç°å¢ã«å¿ èŠãªã»ãã¥ãªãã£å¯Ÿçã®èŠä»¶å®çŸ©
- ã»ãã¥ãªãã£ã«é¢ããããªã·ãŒãšã®æŽåæ§èª¿æŽ
- ITç°å¢ã®ã»ãã¥ãªãã£å¯Ÿçãã¶ã€ã³
- å°å ¥ãœãªã¥ãŒã·ã§ã³ã®éžå®ãšæ¯èŒæ€èš
- å°å ¥ãœãªã¥ãŒã·ã§ã³ã®éçšèšèš
- éçšäžã®èª²é¡æŽçãšè§£æ±ºçã®æ€èš
- çµå¶å±€ãžã®ææ¡ãšåæ圢æ
- ã»ãã¥ãªãã£ãœãªã¥ãŒã·ã§ã³ã®å®è£ ããã³éçš
- ã»ãã¥ãªãã£å¯Ÿçã®éçšïŒèšå®ãåãåãã察å¿ïŒãã³ãŒãåããã§ããã ãèªååãè¡ã
- ã»ãã¥ãªãã£ãã³ããšã®é£æº
- ã»ãã¥ãªãã£å¯Ÿçã®ã¢ãã¿ãªã³ã°ãè©äŸ¡
- äŒæ¥è³ç£ã«é¢ããã€ã³ã·ãã³ã察å¿åã®åäž
- ã»ãã¥ãªãã£å¯Ÿç管çã®åŸ¹åº
- è åšæ€ç¥ãšã³ãžãã¢ãªã³ã°ããŒã ã«ãã察å¿ãã¬ã€ããã¯äœæã®ãµããŒã
- ç·æ¥å¯Ÿå¿ããŒã ãšé£æºãã瀟å
ã€ã³ãã©é¢é£ãã¡ã€ã³ã®ãããžã§ã¯ãã¡ã³ããŒãšããŠæ¥åé
ãŠããŒã¯ãªãã£ã¬ã³ãž
- ã¯ã©ãŠããã€ãã£ãç°å¢ã«ãããŠãåäŸã®ãªã瀟å¡ã®èªç±ãªåãæ¹ãæ¯æŽããããšãã§ãã
- èªç±ãªåãæ¹ãžã®ç©æ¥µçãªãµããŒããéããŠãæå 端ã®ã³ãŒãã¬ãŒãITã»ãã¥ãªãã£ãå®çŸããããšãã§ãã
- ã»ãã¥ãªãã£èŠä»¶å®çŸ©ãªã©ã®äžæµå·¥çšããäŒç€Ÿã®ITç°å¢ããã¶ã€ã³ããå®éã®ãœãªã¥ãŒã·ã§ã³å°å ¥ãéçšãªã©ã®äžæµå·¥çšãŸã§ãåºãæ¥åã«è£éæš©ãæã£ãŠåãçµãã
- ã°ããŒãã«ãªã¹ã±ãŒã«ãã€æ¥æé·ããçµç¹ãç°å¢ã®ãªãã§ããã€ãããºã ã«å¯ãã ã»ãã¥ãªãã£å®è£ ã«ãã£ã¬ã³ãžã§ãã
å¿åèŠä»¶
- æ±ããçµéšã»ã¹ãã«
- ITã«é¢é£ãããµã€ããŒã»ãã¥ãªãã£ã®å°éé åã«ãããåŠå£«å·ãŸãã¯åçã®å®åçµéšã
- ã¯ã©ãŠãç°å¢ã«ãããITã·ã¹ãã ã®ãªã¹ã¯è©äŸ¡ãã»ãã¥ãªãã£èŠä»¶çå®ãèšèšã®çµéš
- ãšã³ããã€ã³ãã»ãã¥ãªãã£ã®æ€èš,æ§ç¯,éå¶åã³æ¹åã®çµéš
- ID管çãèªèšŒã·ã¹ãã ã®å°å ¥ãéçšçµéš
- ã»ãã¥ãªãã£ã€ã³ã·ãã³ã察å¿çµéš(圱é¿åæã調æ»ã察å¿ãåçºé²æ¢çã®æ€èšãšå®è¡æ¯æŽ)
- ITã€ã³ãã©ã«é¢ããæ·±ãç¥èïŒTCP/IP, ãããã¯ãŒã¯, ãµãŒã, èªèšŒããã£ã¬ã¯ããªãµãŒãã¹,ãšã³ããã€ã³ããããŒãžã¡ã³ãïŒ
- å€æ§æ§ã®ããç°å¢ã§ä»è ãšã®åŒ·ãããŒã ã¯ãŒã¯ãçºæ®ã§ããæ¹
- ã»ãã¥ãªãã£äžã®è åšããªã¹ã¯ãå¹æçã«æ瀺ãäŒéããç·©åçãæŠç¥ãéåæãªãèœãšã蟌ãèœå
- ãããžã§ã¯ããããžã¡ã³ãçµéš
- ã¡ã«ã«ãªã®ããã·ã§ã³ãšããªã¥ãŒã«å ±æããŠããã ããæ¹
- æè¿ããçµéšã»ã¹ãã«
- ã»ãã¥ãªãã£ã¢ãŒããã¯ã/ITã¢ãŒããã¯ãã®æ¥åçµéš
- ã¯ã©ãŠããã€ãã£ãããŒããã©ã¹ãããŒã¹ã®ã³ãŒãã¬ãŒãITã®ã·ã¹ãã ã¢ãŒããã¯ãã£ã®èšèšãã»ãã¥ãªãã£è£œåè©äŸ¡ãPoCãæ§ç¯ãéçšã®çµéš
- ã¯ã©ãŠãããŒã¹ç°å¢ãInfrastructure as Codeãããã³ãããã€ã¡ã³ããã€ãã©ã€ã³ã«é¢ããç¥èãšå®åçµéš
- GoãPythonãJavascriptãªã©ã®éçºèšèªã®ç¥èãããã³ãªããžã§ã³ç®¡çããŒã«ïŒGithubãªã©ïŒã«ããã³ãŒãã®ç®¡ççµéš
- æ å ±ã·ã¹ãã ãã¢ããªã±ãŒã·ã§ã³ã®éçºããã³éçšç®¡çãã·ã¹ãã ã»ãã¥ãªãã£ã«é¢ããå šè¬çãªç¥è
- ã»ãã¥ãªãã£æ©åšãç£èŠåºç€ïŒCASBãEDRãDLPãªã©ïŒã®æ§ç¯ã»éçšçµéš
- ããŒã ãããžã¡ã³ãã®çµéš
- æ å ±ã»ãã¥ãªãã£é¢é£ã®è³æ Œä¿æ(CISSP, CEH, SANS GIACç)
- ã·ã¹ãã ãæ å ±ã»ãã¥ãªãã£é¢ããç£æ»ã®å®æœçµéš
- éèäºæ¥ã«ãããæ¥åçµéšã»ç¥è
- PCI DSSãGDPRçã®ã³ã³ãã©ã€ã¢ã³ã¹èŠä»¶ã®ç解
- èªåŠå
- è±èªïŒæ¥åžžäŒè©±ã¬ãã«ïŒå¿ é ïŒ,ããžãã¹ã¬ãã«ïŒæè¿ïŒCEFR-B2ïŒ
- æ¥æ¬èªïŒæµæ¢ã¬ãã«ïŒå¿
é ïŒCEFR-C1ïŒ
â»CEFRã®è©³çŽ°ã«ã€ããŠã¯ããã¡ããã芧ãã ãã
https://careers.mercari.com/language/#page-1
ã
ã¡ã«ã«ãªã°ã«ãŒãã«ã€ããŠç¥ãã
- ãã£ãªã¢ãµã€ã https://careers.mercari.com/
- ã¡ã«ã«ã³ïŒhttps://mercan.mercari.com/
- SNSïŒX / Linkedin
éžèã«ã€ããŠ
ã¡ã«ã«ãªã°ã«ãŒãã§ã¯ã¡ã«ã«ãªã°ã«ãŒãããã³åã«ã³ãããŒã®ããã·ã§ã³ãšããªã¥ãŒãžã®å ±æã»äœçŸã倧åã«ããŠããŸããã¡ã³ããŒãçºæ®ãã䟡å€ã®ç·éãæ倧åããããããªçµç¹ã¥ãããæšé²ããããã«ãåè£è ã®ã¿ãªããã®çµéšãã¹ãã«ãããæ£ããç解ããããšèããŠããŸãã
éžèã®æµã
- æžé¡éžè
- æè¡èª²é¡ïŒãšã³ãžãã¢ããžã·ã§ã³ã§ã¯HackerRankãŸãã¯Githubã§ã®æè¡èª²é¡ãããšã³ãžãã¢ä»¥å€ã®ããžã·ã§ã³ã§ã¯æ¡çšããžã·ã§ã³ã«ãããŸãïŒé¢æ¥ã¿ã€ãã³ã°ãšååŸããããšããããŸãïŒ
- é¢æ¥ïŒããžã·ã§ã³ã«ãããè€æ°åã®é¢æ¥ããé¡ãããŸã
- ãªãã¡ã¬ã³ã¹ïŒãªã³ã©ã€ã³åç圢åŒã®ãã®ã§ãæçµéžèã®ååŸã§ãé¡ãããŸã
- ãªãã¡ãŒïŒæçµéžèãšãªãã¡ã¬ã³ã¹ã®å 容ãã決å®ãããŸã
ãâ»è©³ãã㯠ãã¡ãã®ããŒãžãã芧ãã ãã
ãhttps://careers.mercari.com/recruitment-selection/#section2
éžèã«ãããæ©äŒã®å¹³ç
ã¡ã«ã«ãªã§ã¯ãããã¯ã°ã©ãŠã³ãã«ãã£ãŠå人ã®å¯èœæ§ã決ãã€ããããããšãªããèªç±ã«äŸ¡å€ãçã¿ã ãæ©äŒãæã«ã§ãã瀟äŒã®å®çŸãç®æããŠããŸãããããŠã¡ã«ã«ãªãããã·ã§ã³ãå®çŸããããã«ãInclusion & Diversityããšããèãæ¹ã¯äžå¯æ¬ ãªååšã ãšèããŠããŸãã
æ¡çšæŽ»åã«ãããŠããã¡ã«ã«ãªã®ããã·ã§ã³ã»ããªã¥ãŒã«å
±æãããæ§ã
ãªããã¯ã°ã©ãŠã³ãã®æ¹ã«ãžã§ã€ã³ããŠããã ããããã幎霢ãæ§å¥ãæ§çæåã人皮ãå®æã身äœèœåããã®ä»èšå·ã«åºã¥ãããããå·®å¥ããªããããšãçŽæããŸãã
詳ããã¯ãI&D statementãã芧ãã ããã
https://about.mercari.com/inclusion-diversity/
ãªãããå¿åã®éã«ã¯ãã©ã€ãã·ãŒããªã·ãŒãã確èªãã ããã
https://careers.mercari.com/privacy/
Enterprise Security Engineer(ã³ãŒãã¬ãŒãã»ãã¥ãªãã£ãšã³ãžãã¢) â Mercari
- Employment Status:Full-time
- Work Hours:Full Flextime (no core time)
- Office: Roppongi
For more details, see the Overview of Our Positions section on our Careers site.
https://careers.mercari.com/en/recruitment-selection/#section3 ãã
About Mercari
Circulate all forms of value to unleash the potential in all people
"What can I do to help society thrive with the finite resources we have?" The Mercari marketplace app was born in 2013 out of this thought by our founder Shintaro Yamada as he traveled the world. We believe that by circulating all forms of value, not just physical things and money, we can create opportunities for anyone to realize their dreams and contribute to society and the people around them. Mercari aims to use technology to connect people all over the world and create a world where anyone can unleash their potential. For more information about Mercari Groupâs mission, see Mercariâs Culture Doc.
https://careers.mercari.com/en/culture/
Organization/Team Mission
Mercari Engineering Principles
Mercari Engineering Principles are a shared understanding that serves as the foundation of engineering beliefs and behavior at Mercari. The Engineering Principles are designed to complement the organizational identity (Mercariâs mission, values, and culture) from an engineering viewpoint.
These principles ultimately help us achieve Mercariâs mission by defining the ideal state we seek to realize in the long term.
- Passion For The Product
- Grow Together
- Solve Through Mechanisms
- Collaborate Openly
For more details, please see the following link:
As an Enterprise Security Engineer, you will work closely with the Corporate Engineering team and production teams to lead security initiatives within the Mercari Group. This position handles a wide range of tasks, from upstream processes like assessing risks facing the corporate IT environment and defining requirements for security measures, to implementing solutions and other downstream processes. You will also work to strengthen security for the IT environment as a whole and contribute to implementing zero-trust architecture.
- Secure our infrastructure, corporate environment and services
- Identify risks and resolves issues through scalable solutions
- Maintain and update a secure enterprise platform vision and roadmap
See here for more information about our mission and values.
https://careers.mercari.com/en/culture/
Work Responsibilities
- Formulating risk assessments and security strategies relating to the IT environment
- Assessing risks relating to the security of the IT environment through threat modeling and regular reviews.
- Defining requirements for security measures necessary for the IT environment
- Ensuring consistency with security policies
- Maintenance and ownership of the corporate IT security roadmap
- Document and be able to report about the state of maturity of our infra against a defined standard.
- Designing security measures for the IT environment
- Selecting and comparing solutions to be implemented
- Planning operations for solutions to be implemented
- Identifying problems in operations and considering solutions
- Proposing solutions and building consensus with senior management
- Implementing and running security solutions
- Running security measures (setting configurations, answering questions, etc.) as code and through automation.
- Liaising with the IT team and security vendors
- Monitoring and evaluating security measures
- Coordinate with the IT team for the review and release of security configurations and countermeasures.
- Improve incident handling capabilities related to Enterprise assets.
- Master the management of our security countermeasures
- Support the Threat Detection Engineering team in creating response playbooks
- Act as subject matter expert for enterprise infrastructure related domains, in collaboration with the emergency response team.
Unique Challenges
- Support the freedom of employees to choose whatever work style is best for them through a cloud-native environment
- Provide active support for diverse work styles within and outside of Japan and the US.
- Work on a wide range of tasks, from upstream processes like defining security requirements to designing the companyâs IT environment and actually implementing solutions
- Take on the challenge of implementing dynamic security in a rapidly-growing global organization and environment
Qualifications
- Required Experience/Skills
- Bachelor's degree or equivalent practical experience in core cybersecurity domains related to IT.
- Experience assessing risks and formulating/designing security requirements for cloud based IT systems
- Experience analyzing, building, administrating, and improving endpoint security
- Experience implementing and operating identity and role management, as well as authentication systems
- Experience handling security incidents (impact analysis, investigation, response, consideration of and support for implementing preventative measures)
- Extensive knowledge of IT infrastructure (TCP/IP, networks, servers, authentication, directory services, endpoint management)
- Strong teamwork skills and the ability to collaborate with others in a diverse environment.
- Ability to effectively present and communicate security threats and risks to any audience and impress upon them the mitigation techniques and strategies
- Experience managing projects
- Shared belief in Mercariâs mission and values
- Preferred Experience/Skills
- Experience working as a security architect or IT architect
- Experience leading or managing teams
- Certifications related to information security (CISSP, CEH, SANS GIAC, etc.)
- Understanding of compliance requirements such as PCI DSS and GDPR
- Knowledge of and experience working in a cloud-based environment, infrastructure as code, as well as deployment pipelines
- Knowledge of development languages like Go, Python or Javascript and management of code through revision control tools (like Github)
- Knowledge of and experience working in financial or crypto asset businesses
- General knowledge of information system/application development/management and system security
- Experience carrying out audits regarding systems and/or information security
- Experience building and operating security devices and monitoring infrastructure (CASB, EDR, DLP, etc.)
- Language
- English: Business level (required)
- Japanese: Near-native level (preferred)
For details about CEFR, see here.
https://careers.mercari.com/en/language/ ã
Learn More About Mercari Group
- Careers site: https://careers.mercari.com/en/
- Mercan: https://mercan.mercari.com/en/
- Social media: X / Linkedin
Recruiting at Mercari
At Mercari Group, we value empathizing with and embodying the mission and values ââof the Group and each company. To promote the creation of an organization that maximizes the total amount of value exhibited by all members, we would like to understand the experience and skills of each candidate as accurately as possible.
Recruiting cycle at Mercari Group
- Application screening
- Skill assessment: For engineering positions, you will be asked to complete a skill assessment on HackerRank or GitHub. For non-engineering positions, you may be asked to complete an assessment depending on the position. (The timing of the assessment may coincide with the interview process.)
- Interview: The number of interviews may vary depending on the position.
- Reference check: We will ask for online references around the timing of the final interview.
- Offer: Offers will be determined carefully in consideration of the final interview and the reference check.
ãLearn more about our recruiting process here.
ãhttps://careers.mercari.com/en/recruitment-selection/
Equal Opportunity Hiring
Here at Mercari, we work to realize a world in which no oneâs potential is limited by their background and everyone has the opportunity to freely create value. We also firmly believe that a mindset of Inclusion & Diversity is essential for us to achieve our mission.
This, of course, extends to our hiring practices as well. Mercari is committed to eliminating discrimination based on age, gender, sexual orientation, race, religion, physical disability, and other such factors so that anyone who shares our mission and values can join us, regardless of their background.
For more details, please read our I&D statement.
https://about.mercari.com/en/inclusion-diversity/
Please read and acknowledge our Privacy Policy prior to submitting your application.
https://careers.mercari.com/en/privacy/