【日商樂天】Cyber Threat Intelligence Analyst (DU)

【Department Overview】
In Rakuten Group, the security and safety of the Internet services are guaranteed by the Cyber Security Defense Department (CSDD). CSDD covers all aspects of the System Development Life Cycle (SDLC) and operation security for all the services developed inside Rakuten Group.

【Key responsibilities】
- Threat Intelligence collection from OSINT (open-source intelligence), proprietary tools, or commercial systems.
- Threat Intelligence analysis and curation, to produce an accurate, timely, and relevant report for internal customers periodically.
- Handle TI inquiries from internal customers and conduct investigations using various in-house or 3rd party TI platforms or tools.
- Tracking of attack campaigns from cybercrime, ransomware, hacktivism and espionage adversary groups using all sources.

【Mandatory qualifications】
- Excellent information organization, critical thinking, and TI report technical writing skills in English.
- General reading proficiency in at least one of Chinese, Korean, Russian, or Japanese.
- Cybersecurity fundamentals: understanding of type of threats and vulnerabilities, network security, endpoint hacking and information operations.
- Strong ownership and sense of responsibility. Execute assigned tasks with little supervision, but know when to ask for help

【Desired qualifications】
【Medium Level】:
- 3+ years of work experience in IT engineering related fields: system engineer, IT consultants, information security or cybersecurity
- Experience/Knowledge of CSIRT, DFIR, SOC workflow, cyber alert triage, malware, APT espionage groups, or MITRE ATT&CK frameworks
- Passionate about learning new attack TTP (tactics, techniques, and procedures) and tracking malicious actors’ activities.
- Ability to understand cultural differences, international, nation and local regulation, and collaborate with other departments or subsidiaries.

【Senior Level】:
- 5+ years of work experience in Cyber Security / MSSP / Threat Intelligence fields: SOC Analyst, TI Analyst, DFIR Analyst.
- Independent research and tracking capability on APT campaign, eCrime adversary groups against enterprise CSIRT constituency.
- Familiar with multiple external TI tools such as VirusTotal Pro, DomainTools, passive DNS, urlscan pro, Maltego, or other TI platforms.
- Mentorship and development for junior members; hosting training for group subsidiary CSIRT customers.
- Good social networking skills or a prominent presence in TI or Security Communities.