Mercari Computer Security Incident Response Team (CSIRT) is responsible for leading and managing the response to security incidents in the Mercari group. As a member of Mercari CSIRT, you will be hunting, validating, and remediating security incident risks. During incident response, you’ll be planning, managing, and leading the required response actions, including validation, analysis, investigation, containment, remediation, and reporting, in coordination with the Security Operation Center (SOC) and other security and stakeholder teams.
Additionally, you’ll be contributing to the following responsibilities of Mercari CSIRT.
- Maintaining and improving incident response communication and reporting structure, documentation, processes, and operations
- Planning and facilitating incident response trainings
- Coordination with third parties to collect threat information
- Development and automation of forensic/malware analysis lab environment, and building knowledge base of security incident investigation in Mercari group’s environment
- Threat intelligence collection and research: identifying potential security incident risks including threat actors targeting Mercari group and cyber crimes targeting Mercari customers
- Planning and leading threat hunting: validating the current monitoring scope and finding possible attack scenarios happening outside of the current monitoring scope
- Work on cutting-edge cybersecurity initiatives to protect Mercari’s customer base as a member of the security team at a high-growth company that faces a growing threat of ever more intricate and advanced cyberattacks. Work with a skilled in-house team to build fundamental solutions and systems to tackle these challenges.
- Work on security measures for the largest marketplace app in Japan, “Mercari”, and our growing financial service, “Merpay”. Work with state-of-the-art cloud-based and microservices technology, including our in-house developed SOAR system. Work with talented team members in a diverse environment with the opportunity to challenge yourself to learn new things.
- Work not only on incident response but also on proactive and advanced CSIRT functionalities, including threat intelligence and threat hunting, in coordination with various teams in Mercari group.
- Shared understanding and belief in Mercari Group mission and values
- Incident handling and remediation experience as a CSIRT or security team member or experience of forensic analysis, incident commander, or incident response process design as a security service consultant
- In-depth knowledge of IT infrastructure (in particular cloud-based infrastructure): cloud-based technologies, container-based applications, networks, servers, authentication, directory services, endpoint management, etc.
- Communication skills for effective coordination with SOC and other teams and accurate reporting to stakeholders and management
- Passion to build the best CSIRT together in a tech company aiming to expand to global scale with cutting-edge technologies and platforms
- Strong interest in planning, leading, or contributing to advanced CSIRT functionalities including threat intelligence, threat hunting, and forensic/malware analysis lab environment
Nice to haves
These aren’t required, but be sure to mention them in your application if you have them.
- Experience of establishing or managing CSIRT or SOC
- Using SQL to conduct log investigations using data analytics platforms such as BigQuery
- 4+ years of experience in at least one major domain of security
- Hands-on experience of microservice architecture, Docker, Kubernetes, or container orchestration technologies
- Knowledge and experience of cloud-based infrastructure security (GCP, AWS, etc.)
- Experience of digital forensics and malware analysis
- Experience of security analysis (penetration testing, web application security testing, vulnerability testing, threat modeling, etc.)
- Knowledge and experience of version management, IDE, CI/CD tools and other tools related to the software development process