IT Infrastructure Engineer (Security)

Job Responsibility

This position is responsible for improving the security of the IT infrastructure that supports the development and operation of large-scale gaming platforms at one of the world's largest home entertainment/gaming companies, while utilizing a variety of security solutions (see below).
While based in Japan, you will work as a member of the global team, collaborating with IT and security teams in the U.S., Europe, and Asia, and will be primarily responsible for the following tasks:

• Planning the implementation of security solutions, designing operations, and supporting operations (from a security perspective)
• Address and remediate security issues in IT infrastructure
  
• Security design for public cloud environments (AWS, Azure, etc.)
  
•  (depending on the situation) security incident response 

We use security solutions as "tools" in IT infrastructure consisting of cloud/on-premises in Japan and Asia, and work with IT teams to continuously improve security.
You will also be responsible for new security solutions one after another in line with business, IT and security trends.

Examples of security solutions:

• Endpoint Detection and Response (EDR) solutions
  
• Vulnerability and security compliance solutions
  
• Endpoint (PC) management solutions
  
• Security solutions provided by public cloud (AWS, Azure, etc.) 

Organization & Workplace introduction

You will be responsible for information security at one of the world's largest home entertainment/gaming companies and will be active as a member of the Information Security Tokyo Office. The Information Security Tokyo Office is responsible for the security of game consoles and gaming network services sold worldwide, IT systems, infrastructure, PCs, and overall operations in Japan and Asia, in collaboration with DevOps and IT teams in the US, Europe, and Asia. 

Since we are in charge of a wide range of systems, from large-scale platforms to small-scale systems operated by a few people, we need to devise ways to ensure security and efficient operations. This is an environment where you can acquire not only knowledge and experience in security solutions, but also a flexible approach to security while expanding your perspective on security. 

Required Skills and Technical Areas

Essential Skills

Candidates need both of the following experiences:

• Experience in security operations similar to the job description (1 year or more), or experience in in-house infrastructure design, construction, or operation (1 year or more, regardless of the position involved, such as in-house SE or SIer)
• Experience in implementing or operating one or more of the following security solutions
    1. EDR (Endpoint Detection and Response) solution 
    2. Vulnerability/Security Compliance Solution 
    3. Endpoint (PC) management solutions 
    4. Security solutions provided by public cloud (AWS, Azure, etc.)  

Preferred Skills

• Experience in implementing and operating security products (WAF, vulnerability scanner, etc.) as listed in the job responsibility.
  
• Experience with Office 365 and SaaS implementation and operation
  
• Experience developing and operating web services in public cloud environments (AWS, Azure, etc.)
  
• Vulnerability management of internal infrastructure, web services, and websites (planning, planning and operation, and remediation)
  
• Experience in CSIRT or SOC

Ideal Candidate Profile

• The candidate should be able to communicate proactively with domestic and international departments and external vendors based on their security knowledge and technical background
  
• Able to work while learning on their own initiative and with an interest in the job contents
  
• We seek someone who consistently seeks to streamline processes and improve efficiency through automation in their role.
  *We place more importance on whether the candidate matches these characteristics than years of experience or language skills.

Language skills

• Japanese : Business level or above
• English : TOEIC 700 or above is preferred
  However, current English proficiency is not required, as long as the candidate is willing to improve independently. Proficient English Communication, including teleconferencing, written communication, etc., is necessary for interaction with our global teams, such as those in the US, Korea, China, Singapore, etc.

• セキュリティソリューションの導入計画立案、運用設計そして運用支援（セキュリティ観点から）
• ITインフラにおけるセキュリティ問題の対処と改善
• パブリッククラウド環境（AWS, Azure など）におけるセキュリティ設計
• （状況に応じて）セキュリティインシデント対応

• EDR（Endpoint Detection and Response）ソリューション
• 脆弱性/セキュリティコンプライアンスソリューション
• エンドポイント(PC) マネジメントソリューション
• パブリッククラウド(AWS, Azure など)が提供するセキュリティソリューション

求められるスキル・技術領域

下記の両方を満たす方

• 職務内容と類似のセキュリティ業務経験（1年以上）、または社内インフラ設計・構築または運用経験（1年以上、社内SEやSIerなど関わった立場は問わない）
• 下記の「セキュリティソリューション例」を1つ以上導入または運用した経験がある

• 職務内容に記載した「セキュリティソリューション例」以外のセキュリティ製品（WAF、脆弱性スキャナなど）の導入および運用経験
• Office 365 やSaaSの導入および運用経験
• パブリッククラウド環境（AWS, Azure など）におけるWebサービス開発・運用経験
• 社内インフラおよび、Webサービス・Webサイトにおける脆弱性管理（計画立案、その計画運用、そして対処まで）
• CSIRTまたはSOCでの業務経験

• セキュリティ知識や技術的なバックグラウンドをもとに、国内・国外の各部門や外部ベンダなどと積極的にコミュニケーションできる方
• 職務内容に興味を持ち、自発的に学習しながら業務を遂行できる方
• 担当業務において、自動化を念頭におき省力化や効率化を常に検討できる方

• TOEIC 700以上が望ましい。ただし、自ら向上する意欲があれば現在の語学力を問いません
• グローバル（米国、韓国、中国、シンガポールなど）に存在する各拠点のスタッフと英語でコミュニケーション（電話会議、テキストコミュニケーションなど）する必要があります