Security Engineer (Internship)

We are currently taking application from those who graduate after March 2024.

Introduction

Circulate all forms of value to unleash the potential in all people

"What can I do to help society thrive with the finite resources we have?" The Mercari marketplace app was born in 2013 out of this thought by our founder Shintaro Yamada as he traveled the world. We believe that by circulating all forms of value, not just physical things and money, we can create opportunities for anyone to realize their dreams and contribute to society and the people around them. Mercari aims to use technology to connect people all over the world and create a world where anyone can unleash their potential.For more information about Mercari Group’s mission, see Mercari's Culture Doc.

Equal Opportunity Hiring

Here at Mercari, we work to realize a world in which no one’s potential is limited by their background and everyone has the opportunity to freely create value. We also firmly believe that a mindset of Inclusion & Diversity is essential for us to achieve our mission.

This, of course, extends to our hiring practices as well. Mercari is committed to eliminating discrimination based on age, gender, sexual orientation, race, religion, physical disability, and other such factors so that anyone who shares our mission and values can join us, regardless of their background. For more details, please read our I&D Statement.

Position Overview

Work Responsibilities

As an Intern in the Mercari Security Engineering and Strategy Team, you will have the opportunity to participate in security design, process reviews as well as develop and deploy security countermeasures, and execute penetration tests. This is a unique role within Mercari since you will be involved in high-stakes projects across the organization. The candidate will be exposed to the following topics, and will be invited to work on one opportunity of his/her choice:

• Monitoring and log analysis
• Penetration testing, threat modeling and security automation
• Web and mobile application security testing
• Technical project management

For each of these topics, the candidate will need to:

• learn about Mercari’s infrastructure
• create a map representing how systems interact with each other
• understand the underlying code and structure
• conduct supervised experimentation to achieve a decided objective
• describe discoveries, identify for improvements, and present findings to the stakeholders
• cooperate with the system owners to plan improvements

Why would Mercari be a good place to learn about these topics?

• Mercari’s infrastructure relies on current cloud base technology
• the scale of the data and systems that Mercari is using makes it a challenging environment and a unique opportunity to tackle difficult problems

Unique and Bold Challenges

• The Security Engineering and Strategy team at Mercari is responsible for dealing with a vast array of data, logs, and dependencies. As a member of the team, you will be able to employ cutting-edge and complex cloud infrastructure systems to help us tackle complex challenges.
• With a rapidly growing number of organizations and services, it is extremely important for Mercari to introduce automation and reduce dependency on manual work as much as possible. This is an exciting opportunity to gain experience in helping us build out our security systems and solve interesting challenges in a fast-paced environment.

Minimum Requirement

• Shared understanding and belief in our company’s mission and values
• Strong interest in security
• Able to work more than 20 hours per week for 2 or 3 months
• Programming experience with one or more programming languages including but not limited to: Go, Python, PHP, Javascript
• Enrolled in a Bachelor's degree (or higher) program or technical school in Computer Science, Information Security, or other engineering-focused major
• Effective interpersonal and communication skills
• Basic Linux understanding and an ability to operate Linux
• Basic familiarity with SQL Querying
• Able to join our internship from July 2023

Preferred Requirement

• Basic understanding or strong interest in any of the following:
• Public cloud infrastructure platforms (GCP, AWS or Azure)
• Container and orchestration technologies (Docker, Kubernetes)
• Capture the flag (CTF), bug bounty, penetration testing, Web or mobile application security testing,
• Security automation and DevSecOps
• Basic experience with software development tools such as Git, dependency management, build and deployment tools
• Understanding of modern Web or mobile applications

Screening Criteria

• Fundamental engineering skills, including computer and network architecture, operating systems, and protocol understanding
• Coding/scripting skills
• Motivation and ability to learn new technologies
• Teamwork skills in a diverse environment

Language Requirements

English or Japanese: Independent (CEFR-B2)

• The Security Team is a diverse team with members from around the globe. Team members have various levels of Japanese and English proficiency and we value mutual effort, understanding, and support, we aim to meet in the middle to make everyone feel comfortable regardless of the member’s native language.

Working Conditions

Employment Status

• Intern

Office

Roppongi

• Smoking is prohibited within our offices
• Mercari has introduced a work style policy called “Your Choice.” Each member is free to choose whether they want to work in the office or work fully remote. *Exceptions made for certain kinds of work.

Work Hours

• Able to work more than 20 hours per week
• 3 months of Internship is encouraged. 

Salary

• Hourly wage (Salary: Negotiable)

Benefits

• Full transportation coverage
• Custom PC
• Dual screen if needed
• Visa support
• Accommodation for those who are from outside of Tokyo area