Mercari is a Japan-based company with the mission of “create value in a global marketplace where anyone can buy & sell.” Having continuously worked toward this goal since our founding in 2013, we are now transforming from a startup into a global player. While this transformation brings its own specific set of challenges, we believe that solving them one after another will allow us to fully achieve our mission. Are you interested in working together to take on these exciting challenges?
Mercari’s culture has been central to the company since our founding, with the three core values of Go Bold, All for One, and Be a Pro. In addition, the “Trust & Openness” value was introduced to embody our culture of mutual trust, where information remains transparent and rules are kept to a minimum. Regardless of how big Mercari gets, our culture is essential to achieving our mission and will be promoted throughout our organization.
What You'll Do
Mercari Computer Security Incident Response Team (CSIRT) is responsible for leading and managing incident response to security incidents happening in the Mercari group. As a member of Mercari CSIRT, you will be hunting, validating, and remediating security incident risks. In case of incident response, you’ll be planning, managing, and leading required response actions including validation, analysis, investigation, containment, remediation, and reporting with coordination with Security Operation Center (SOC), other security and stakeholder teams.
- Additionally, you’ll be contributing to the following responsibilities of Mercari CSIRT.
- Maintaining and improving incident response communication and reporting structure, documentations, process and operations
- Planning and facilitating incident response trainings
- Coordination with third parties to collect threat information
- Development and automation of forensic/malware analysis lab environment, and building knowledge base of security incident investigation in Mercari group’s environment
- Threat intelligence collection and research: identifying potential security incident risks including threat actors targeting Mecari group and cyber crimes targeting Mercari customers
- Planning and leading threat hunting: validating the current monitoring scope and finding possible attack scenarios happening outside of the current monitoring scope
- Work on cutting-edge cybersecurity initiatives to protect Mercari’s customer base as a member of the security team at a high-growth company that faces a growing threat of ever more intricate and advanced cyberattacks. Work with a skilled in-house team to build fundamental solutions and systems to tackle these challenges.
- Work on security measures for the largest marketplace app in Japan, “Mercari”, and our growing financial service, “Merpay”. Work with state of the art cloud-based and microservices technology including our in-house developed SOAR systemWork with talented team members in a diverse environment with the opportunity to challenge yourself to learn new things.
- Work on not only incident response but also proactive and advanced functionalities of CSIRT including threat intelligence and threat hunting with coordination with various teams in Mercari group.
- Shared understanding and belief in Mercari Group mission and values
- Incident handling and remediation experience as a CSIRT or security team member or experience of forensic analysis, incident commander, or incident response process design as a security service consultant
- In-depth knowledge of IT infrastructure (in particular cloud-based infrastructure) - cloud-based technologies, container-based applications, networks, servers, authentication, directory services, endpoint management, etc.
- Communication skills for effective coordination with SOC and other teams and accurate reporting to stakeholders and management
- Passion to build the best CSIRT together in a tech company aiming to expand to global scale with cutting-edge technologies and platforms
- Strong interest in planning, leading, or contributing to advanced CSIRT functionalities, including threat intelligence, threat hunting, and forensic/malware analysis lab environment
- Experience in establishing or managing CSIRT or SOC
- Using SQL to conduct log investigations using data analytics platforms such as BigQuery
- 4+ yrs of experience in at least one major domains of security
- Hands-on experience with microservice architecture, Docker, Kubernetes, or container orchestration technologies
- Knowledge and experience of cloud-based infrastructure security (GCP, AWS, etc.)
- Experience in digital forensics and malware analysis
- Experience in security analysis (penetration testing, web application security testing, vulnerability testing, threat modeling, etc.)
- Knowledge and experience in version management, IDE, CI/CD tools and other tools related to the software development process
- CV screening
- Interview(3 - 4 times)
- Reference check
- *We will decide based on the feedback on the final interview and the references.
English: Basic (CEFR - A2) preferred
Japanese: Conversational level or above is preferred but not necessary.
First 3 months after joining the company. (During this period, your contract conditions will be the same as that of a permanent employee.)
Roppongi, Tokyo, Japan
Smoking is prohibited within our offices
Mercari has introduced a work style policy called “Your Choice.” Each member is free to choose whether they want to work in the office or work fully remote. *Exceptions made for certain kinds of work.
Full flextime (no core time)
*Does not apply to all positions
- Two days off per week (as well as national holidays, New Year's break, etc.)
- Paid leave, congratulatory and bereavement leave, relax days, sick leave
- Annual salary paid in 12 monthly installments (including fixed overtime allowance)
- Based on skills, experience, and abilities
- Reviewed twice a year
- Complete health and social insurance
- Incentive program
- Support systems, including those that benefit employee family members
- Language learning support
- Translation/interpretation support