Department Overview 
The role is situated within the International Standards & Systems Section (ISSS), which falls under the Information Security & Privacy Governance Department at Rakuten Group Headquarters. The primary objective of the ISSS is to implement Governance, Risk, and Compliance (GRC) practices throughout the entirety of Rakuten Group, following globally recognized best practices.

Position
Why We Hire:
Ensure the Payment Card Industry Data Security Standard (PCI DSS) compliance for all non-Fintech services within Rakuten Group. Make valuable contributions to multiple industries such as the PCI Security Standards Council (PCI SSC) and the Japan Card Data Security Committee (JCDSC).

Position Details:
This position entails the auditing and management of Payment Card Industry Data Security Standard (PCI DSS) requirements and controls throughout Rakuten Group. The department is entrusted with the responsibility of ensuring PCI DSS compliance for Rakuten Group companies operating outside the Financial Technology (FinTech) sector. The primary tasks involve evaluating controls and risks within business systems from an information security perspective.

Responsibilities:
(1) Audits / Assessments
・Provide support to businesses during PCI DSS external audits through consultations, addressing inquiries, and participating in feedback sessions.
・Conduct internal PCI DSS audits for small and medium-sized businesses within the organization.
・Perform risk assessments for business and system operations, including design evaluation.
(2) Projects
・Actively participate in projects aimed at enhancing PCI DSS standards and contribute to their improvement.

Mandatory Qualifications:
・ Bachelor’s degree in an IT-related major.
・ 4+ years working experience.
・ Basic skills and knowledge on IT infrastructure.
(TCP/IP, network, Linux/Windows OS, authentication, directory service).
・2 years’ experience in development, or
・2 years’ operation on information systems (applications or infrastructures) OR 2 years’ experience in information security or relevant areas.
・ English level: TOEIC 800 or above

Desired Qualifications:
– Qualification: QSA, ISA, PCIP, ISO27001 Internal Auditor or CISA
– Work Experience:
– PCI DSS Assessments
– Risk Management
– Internal Audit
– System Development/Operation

Additional information on Location:
Rakuten Crimson House

#engineer #informationsecurity #privacygovernance #technologymanagementdiv
Languages:

English (Overall – 3 – Advanced)