Develop automation to integrate, use, and enhance security systems and datasets across code security, cloud security, infrastructure security, identity security, and AI security.
Automate assessment and validation of security controls; integrate security and business data to accelerate risk, compliance, and reporting workflows.
Perform automation-assisted security reviews with Product and Engineering to establish and validate security requirements; conduct threat modeling and application security assessments.
Execute automated and manual security testing for software, cloud, and network systems; contribute to enterprise security standards and processes.
Communicate effectively with stakeholders; report to the Senior Manager for Enterprise Security Services; hybrid work on-site 3x per week.
技術スタック
必須スキル
Hands-on experience developing security automation for one or more domains: software development, cloud configuration, network architecture, or identity and access management.
Knowledge of secure coding principles and vulnerabilities (OWASP Top 10, CWE-25); experience with design/code reviews, static/dynamic analysis, and standard security tools.
Ability to present security threats to non-security stakeholders and facilitate risk-informed decisions.
歓迎スキル(該当する場合)
Experience in DevEx or software development; infrastructure/container/CI/CD security.
Knowledge of AWS or GCP security features; AWS Certified Security or GCP Professional Cloud Security Engineer is a plus.
Knowledge of authentication protocols (OAuth, OpenID, SSO/SAML) and AWS IAM; business-level Japanese.