Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Jobs InfoSec Jobs

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cyber Security Engineer - Offensive Security
Company Rakuten USA
Location United States - Various
Preferred GIAC Certifications GPEN, GXPN, GWAPT, GCPN
Travel 0%
Salary Not provided
URL Not provided
Contact Name Anonymous
Contact Email alby.tam/at/rakuten.com
Expires 2021-09-28

Job Description

Rakuten Group is one of the world's leading Internet service companies, providing a variety of consumer and business focused services including e-commerce, eBooks, travel, banking and a host of other services. Rakuten Group is expanding globally and currently has operations throughout Asia, Europe, the Americas, and Oceania.  Rakuten Americas is seeking someone with a strong technical background to be the technical contributor for technical cyber security assessments such as penetration testing and vulnerability assessments, and support the development of our cybersecurity team and programs. 


Responsibilities: 
* Conduct technical cyber security assessments including red team exercise, penetration testing, vulnerability assessment, vulnerability scanning and secure code review to identify emerging vulnerabilities in networks, application and systems, evaluate their risks
* Lead small size technical cyber security assessments from start to finish
* Assist with large size projects to conduct cyber security assessments
* Assist with scoping prospective internal customer engagements and future security engagement projects to ensure successful planning
* Develop and present accurate and comprehensive reports for both non technical and technical audiences
* Document findings and make remediation recommendations
* Assist with security due-diligence for mergers and acquisitions
* Assist to design and develop and deliver security training for both tech and non-tech employees
* Evaluate and recommend new and emerging security solutions, technologies, and methodologies
* Develop automated tools and techniques to maximize efficiency and scale in red team security operations
* Assist to administrate and safely utilize attack tools and infrastructure
* Stay informed of new and emerging cyber threats and new attack vectors and evaluate their impact to Rakuten Group


Minimum required skills and experience:
* Bachelor's degree in Computer Science (or related field) plus 5 years of hands-on cyber security experience or Master's degree in computer science  (or related field) plus 2 years of hands-on cyber security experience
* 2+ years of experience performing network penetration testing and application penetration testing
* Familiarity with penetration testing tools such as nmap, Nessus, Burp Suite Professional, Kali Linux and Metasploit.
* Good understanding of enterprise network and application level security issues
* Solid understating of one or more of the following programing languages Python, PHP, Perl, Ruby, C/C++, C#, Java, Javascript
* Good technical writing and documentation skills
* Good communication skills to interact with internal customers
* Self-motivated, positive attitude, and a team player
* Ability to handle multiple tasks concurrently, priorities them according to the change in situation and meet deadlines


Preferred qualifications:
* Certifications: OSCP, OSWE, GPEN, GXPN, GWAPT or equivalent
* Familiarity and experience with SAST and DAST tools
* Experience in application software development
* Experience and knowledge in Incident Response, Threat Hunting and Threat Intelligence.
* Experience in CTF competitions or Bug Bounty programs
* Knowledge and work experience with Cloud infrastructure, system architecture, and design