Detect, respond, mitigate, and report on cyber threats/incidents that may impact the LINE environment.
Analyze and respond to security threats from FW, IDS, AV, EDR and other security threat data sources.
Perform host and network level analysis to support on-going investigations through incident response.
Conduct cyber security incident response technologies including network logging and forensics, security analytics platforms, log search technologies, and etc.
Performs attack scope and root cause analyses
Develops attack remediation strategies
Develop in-house tools to assist about collection and analysis
Identifies and develops workflow automation to lower response time and eliminate lengthy response times
Development of incident handling processes, standard operating procedures, playbooks and runbooks
- Major required (At least two of the following.)
Understanding of common operating systems and IT Infrastructure such as Windows, Unix/Linux, MacOS, Active Directory, Firewalls, Web-proxies, SaaS, etc.
Experience building tools and automation, also using with one or more general purpose programming languages
Extensive knowledge of standard signature and information sharing data formats and exchange protocols such as Yara, STIX/TAXII, etc.
Experience working knowledge of common security tools, such as a SIEM, AV, scanners, IDS or forensics tools
Demonstrated experience in an enterprise-level incident response team or security operations center. Direct experience handling advanced cyber security incidents and associated incident response toolset
- Other required
Aptitude for learning, be self-directed, and be capable of working in a fast-paced operations environment
Interface with the other teams to develop novel solutions to problems
Strong analytical skills and critical thinking skills
Effective communication skills (both written and verbal)
Must be available to work on-call or off hours as needed to respond to an incident
[Education and Experience Required]
Bachelor's Degree or higher in the field of Computer Science, Information Security or related field (may be substituted for experience and industry certifications)
Minimum 3+ years experience in one or more of the following cybersecurity functions:
Need to speak Japanese at a minimum level of casual conversation.
※ Preferential treatment for Portfolio (Github or Report).
Location: Tokyo, JAPAN
Shinjuku Office /JR SHINJUKU MIRAINA TOWER 23rd FL.,4-1-6 Shinjuku,Shinjuku-ku,Tokyo,160-0022
One of the followings will be applied: Discretionary labor system for professional work (Employee is deemed to have worked for 9.5 hours a day, regardless of the actual number of hours worked), Flex-time system (core time: 11:00 am–4:00 pm) or 10:00 am–6:30 pm（actual working hours 7 hr 30 min)
*To be determined after the interview process
Weekends (Saturdays and Sundays), national holidays, paid leave, New Year’s holiday, congratulatory and condolence leave, "Refreshment" leave (every 5 years, employees who have been employed under a continuous contract are entitled to 10 days of paid leave)
Annual salary system (To be determined based on skills, experiences and abilities after discussions)
- Annual compensation will be divided into 12 months and paid on a monthly basis.
- Separate incentives available (*1)
- Compensation revision: twice a year
- Allowances: commuting allowance, LINE Pay Card Benefit Plan (*2)
(*1) In addition to your annual compensation, you may receive incentives (twice a year) depending on the company's and individual performance and evaluation on your performance. (Incentives are not guaranteed to be provided. An incentive payment will only be paid if you remain employed as of the payment date.
(*2) This is an allowance separate from the salary meant for employees to use for their health, personal development, support for raising the next generation, and more.
Employment insurance, workers accident compensation insurance, health insurance, employees pension insurance
- Periodic health checkup
- Company events and others
Details to be shared during interviews.