Join a global internet services leader as an IT Security Engineer, helping to secure one of Japan's largest online ecosystems. You'll provide vulnerability remediation support and security testing to ensure protection throughout the Secure Development Life Cycle (SDLC). This is an exciting opportunity to work within a highly skilled Cyber Security Defense Department (CSDD) and contribute to world-class security standards across multiple platforms.
Key Responsibilities
- Conduct application penetration testing on web applications and APIs following OWASP methodology.
- Provide technical guidance and hands-on support to development teams to remediate vulnerabilities identified through SAST, DAST, and SCA scanners.
- Manage vulnerability tracking in internal systems such as JIRA, including status monitoring and escalation of overdue issues.
- Review security remediation evidence for compliance and effectiveness.
- Perform ongoing vulnerability management, including verification and follow-up after remediation.
- Serve as the main point of contact for development teams, ensuring clear communication throughout the remediation process.
Required Skills and Qualifications
Experience:
- 3+ years of professional experience in web application and network penetration testing.
- Strong understanding of OWASP Top 10 vulnerabilities and effective remediation techniques.
- Proficiency with vulnerability scanners (SAST, DAST, SCA) and interpreting their reports.
- Familiarity with JIRA or other enterprise ticketing systems.
Soft Skills:
- Excellent verbal and written communication skills, with the ability to explain technical concepts to both technical and non-technical audiences.
- Strong attention to detail and analytical mindset.
- Collaborative and proactive attitude, with a passion for cybersecurity.
Language Requirements:
- Japanese: Conversational level (JLPT N3 or higher preferred).
- English: Intermediate to business level (required for communication within global teams).
Preferred Skills & Qualifications
- Experience working in a DevSecOps environment.
- Knowledge of public cloud security or mobile application security testing.
- Relevant certifications such as Security+, CEH, or CISSP.
About the Company
Our client is a global leader in internet services, committed to maintaining a secure and trustworthy platform for millions of users worldwide. The Cyber Security Defense Department (CSDD) oversees all aspects of the Secure Development Life Cycle (SDLC), ensuring every stage of product development meets strict security standards. As part of this expanding team, you'll help protect large-scale digital services while developing your expertise in modern DevSecOps and application security practices.
Why You'll Love Working Here
- Be a vital part of a global cybersecurity team safeguarding high-impact digital services.
- Work with cutting-edge security tools and collaborate with leading professionals.
- Engage in both vulnerability management and remediation, building a well-rounded security skill set.
- Experience career growth in a collaborative, international, and innovative environment.
- Enjoy a flexible workplace culture with minimal overtime and casual dress.
Don't Miss Out - Apply Now!
