AppSec Jobs
← Back to all jobs

Rakuten

Product Security Engineer, Cloud & DevSecOps - Cyber Security Defense Department (CSDD)

Tokyo, JapanWebsite

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.

About Rakuten

Rakuten Group, Inc. is a Japanese multinational technology conglomerate founded in 1997 by Hiroshi Mikitani, who serves as Chairman, President, and CEO. Headquartered in Tokyo, the company aims to be a leading internet services provider, promoting innovation and entrepreneurship under the philosophy of "Empower Japan. Empower the World."Rakuten launched its flagship e-commerce platform, Rakuten Ichiba, in the same year, which has grown to become a market leader in Japan. The Rakuten Ecosystem connects over 1.1 billion members globally, offering a range of services across e-commerce, fintech, digital content, and communications. Key offerings include Rakuten Ichiba for online shopping, Rakuten Travel for travel services, and various fintech solutions such as Rakuten Payment and Rakuten Securities. The company also engages in logistics, media, and mobile communications, continually expanding its global reach and enhancing its service offerings.

Industry

information technology & services

Employees

30,000

2407 engineers

Revenue

$15B

Website

Visit →

Security at Rakuten

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

  • Rakuten's AppSec philosophy centers on 'Shift Left' principles and developer accountability.
  • Security experts are integrated into the development stage, and developers are required to undergo regular security training.
  • The approach is governed by a formal Information Security Management System (ISMS) to evaluate and manage risks to information assets.

Security Team

  • Rakuten's security organization is led by a Group Chief Information Security Officer (CISO) and supported by the Rakuten-CERT office, which manages vulnerability scheduling.
  • The structure includes regional leadership, such as a CISO for Rakuten Europe Bank, and dedicated Application Security Engineers.
  • Key Leaders: - Yoshinari Fukumoto, Chief Information Security Officer

Key Initiatives

  • Rakuten mandates a security audit before every service release and provides a security RFP and checklist for standardized assessment.
  • A major current initiative is the move toward 'passwordless' security.
  • Vulnerability management is centralized through Rakuten-CERT, which is a member of international security bodies like FIRST and the Japan CSIRT Council.

Preparing for an AppSec interview?

Get the weekly briefing 2,000+ security pros trust.