Incident Response Analyst / Security Center
- Tokyo
- Partial Remote
- Full-time
- December 6, 2022
Important Announcement
The health and safety of our employees and candidates is very important to us.
Due to the coronavirus (COVID-19) pandemic we are currently facing difficulties applying for working visas and traveling into Japan is restricted. Under these circumstances we are currently unable to extend offers to candidates who are living outside of Japan or do not own a permit to work in Japan. However, we continue to track the situation and once it is safe to proceed with recruiting, we will again open positions to candidates who wish to work at LINE in Japan.
Responsibilities
- Detect, respond, mitigate, and report on cyber threats/incidents that may impact the LINE environment.
- Analyze and respond to security threats from FW, IDS, AV, EDR and other security threat data sources.
- Perform host and network level analysis to support on-going investigations through incident response.
- Use cyber security incident response technologies, including network logging and forensics, security analytics platforms, log search technologies, etc.
- Perform attack scope and root cause analyses
- Develop attack remediation strategies
- Develop in-house tools to assist with collection and analysis
- Identify and develop workflow automation to lower response time and eliminate lengthy response times
- Develop incident handling processes, standard operating procedures, playbooks and runbooks
Qualifications
Major required (At least two of the following.)
- Understanding of common operating systems and IT Infrastructure such as Windows, Unix/Linux, MacOS, Active Directory, Firewalls, Web-proxies, SaaS, etc.
- Experience building tools and automation using one or more general-purpose programming languages
- Extensive knowledge of standard signature and information sharing data formats and exchange protocols such as Yara, STIX/TAXII, etc.
- Working knowledge of common security tools, such as SIEM, AV, scanners, IDS or forensics tools
- Demonstrated experience in an enterprise-level incident response team or security operations center.
- Direct experience handling advanced cyber security incidents and associated incident response toolset
Other Qualifications
- Aptitude for learning, self-direction, and the ability to work in a fast-paced operations environment
- Interface with the other teams to develop novel solutions to problems
- Strong analytical skills and critical thinking skills
- Effective communication skills (both written and verbal)
- Must be available to work on-call or off hours as needed to respond to an incident
Educational background and Experience
- Bachelor's Degree or higher in the field of Computer Science, Information Security or related field (may be substituted by experience and industry certifications)
- Minimum 3+ years experience in one or more of the following cybersecurity functions:
  - Incident Response
  - Forensics
  - Vulnerability Management
  - SOC
  - Threat Hunting
- Need to speak Japanese at a minimum level of casual conversation.
※ Preferential treatment for Portfolio (GitHub or Report).
Working Hours
One of the following will be applied: Discretionary labor system for professional work (Employee is deemed to have worked for 9.5 hours a day, regardless of the actual number of hours worked), Flex-time system (core time: 11:00 am–4:00 pm) or 10:00 am–6:30 pm (actual working hours 7 hr 30 min)
*To be determined after the interview process
Holidays/Vacations
Weekends (Saturdays and Sundays), national holidays, paid leave, New Year’s holiday, congratulatory and condolence leave, "Refreshment" leave (every 5 years, employees who have been employed under a continuous contract are entitled to 10 days of paid leave)
Compensations
Annual salary system (To be determined based on skills, experiences and abilities after discussions)
- Annual compensation will be divided into 12 months and paid on a monthly basis.
- Separate incentives available (*1)
- Compensation revision: twice a year
- Allowances: commuting allowance, LINE Pay Card Benefit Plan (*2)
(*1) In addition to your annual compensation, you may receive incentives (twice a year) depending on the company's and individual performance and the evaluation of your performance. (Incentives are not guaranteed to be provided. An incentive payment will only be paid if you remain employed as of the payment date.)
(*2) This is an allowance separate from the salary meant for employees to use for their health, personal development, support for raising the next generation, and more.
Insurances
- Employment insurance, workers' accident compensation insurance, health insurance, employees' pension insurance
Benefits
- Periodic health checkup
- Company events and others
*Implementation of second-hand smoke prevention measures
[Prohibiting Indoor Smoking (other than Smoking Room)]
Shinjuku, Osaki, Minami-shinjuku, Yotsuya
[Prohibiting Indoor Smoking (outdoor Smoking Area)]
Shinjuku (NEX), Nishi-shinjuku
Details to be shared during interviews.
About LINE
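LINE is the most popular mobile messenger in Japan, Thailand, and Taiwan. Centered on the strongly growing Asian region, it offers its services globally and continues to grow.
Born as a mobile messenger, LINE has adopted the mission "CLOSING THE DISTANCE" and aims to bring people around the world closer to one another and to information and services. Its vision is to become "life infrastructure" that meets users' needs at all times, 24 hours a day, 365 days a year.
Going forward, LINE aims to evolve into a smart portal that comprehensively addresses users' needs on mobile. Its current business is wide-ranging: in addition to developing and operating mobile-focused services in communication, content, and entertainment, and its advertising business, it is also engaged in Fintech, AI, and blockchain businesses.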