Senior Cyber Threat Hunter (RMI Security Eng. & Ops Dep) at Rakuten Mobile, Inc.
Tokyo, Japan
Full Time


Start Date

Immediate

Expiry Date

03 May, 26

Salary

0.0

Posted On

02 Feb, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity, Threat Hunting, Incident Response, Forensics, Security Operations, Threat Intelligence, Malware Analysis, MITRE ATT&CK, Network Architecture, Telecommunication Protocols, Cloud-native Environments, Kubernetes, Machine Learning, Analytical Skills, Problem-solving, Communication Skills

Industry

Telecommunications

Description
Job Description:

About Organization
Rakuten Mobile, Inc. is an entity established for the launch of its mobile carrier business as an MNO (Mobile Network Operator). We aim to provide the most competitive and convenient service to meet our customer needs and demands via the innovative use of technology. Defining future world-standard innovations in the MNO industry, we continually challenge ourselves and capabilities.

The Security Engineering & Operations Department at Rakuten Mobile is at the forefront of protecting our innovative mobile network infrastructure and services. We are building a robust cyber defense organization to safeguard our customers and operations from evolving cyber threats. We are looking for talented individuals who are interested in working with us to create and deliver world-class security solutions. We are seeking a senior Threat Hunter to join our growing cyber defense organization. This role is crucial for proactively identifying and mitigating advanced threats, ensuring the resilience and security of our cutting-edge mobile network.

Job Duties
The Senior Cyber Threat Hunter will play a critical role in strengthening Rakuten Mobile's cyber defense posture. This position requires a highly proactive, detail-oriented, and process-driven individual who can translate hunting outcomes into clear, actionable recommendations for improving security and mitigating future risks.

Key Responsibilities:
Proactive Threat Hunting: Develop and execute hypothesis-driven campaigns, meticulously analyzing large volumes of log, endpoint, and network data to uncover anomalous or malicious activity, and thoroughly documenting findings.
Adversary Research: Research and track adversary Tactics, Techniques, and Procedures (TTPs), leveraging frameworks like MITRE ATT&CK to build and test threat hypotheses beyond simple Indicator of Compromise (IOC) searches.
Actionable Security Improvements: Translate hunting outcomes into actionable security enhancements, creating detection logic, data requirements, false positive guidance, and validation steps for new and refined detections.
Collaboration & Improvement: Collaborate closely with the Detection Engineering team to enhance detection rules and playbooks, and contribute to the continuous improvement of hunting methodologies.
Incident Support: Partner with Cyber Threat Intelligence, Incident Response, and SOC teams to operationalize threat insights, provide support during incidents, and assist in investigation and containment efforts.
Technical Analysis: Perform in-depth technical analysis of attacker tradecraft, including lateral movement, persistence, and exfiltration techniques, to understand attack vectors and establish intrusion chains.
Tool Utilization: Utilize advanced security tools such as SIEM, UEBA, and forensic analysis platforms to conduct hunts and confirm threats.
Automation: Automate analysis and detection processes using scripting languages (e.g., Python, PowerShell) to improve efficiency and scale.
Continuous Learning: Stay current with the evolving threat landscape and emerging adversary techniques to maintain effective threat hunting capabilities.

Minimum Qualifications
Experience: Minimum of 10-12 years of experience in cybersecurity, with strong expertise in Cyber Threat Hunting. Demonstrable experience in Incident Response and Forensics. Exposure to Security Operations, Threat Intelligence, and Malware Analysis.
Education: Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field, or equivalent practical experience.

Technical Skills & Knowledge:
In-depth knowledge of the MITRE ATT&CK framework, including the ability to map adversary behaviors to understand attack vectors and predict potential threats.
Strong understanding of enterprise network architecture, including advanced networking concepts (e.g., TCP/IP, routing, firewalls, VPNs), networking protocols, deep packet inspection, and network traffic analysis.
Expertise in telecommunication protocols and infrastructure, particularly those relevant to mobile environments (e.g., 4G/5G, SS7, Diameter, GTP), and the ability to identify threats within these specialized networks.
Deep understanding of cloud-native environments, including Kubernetes and container orchestration, with proven experience in hunting for threats and anomalies within these complex infrastructures.
Demonstrated experience with major cloud platforms (e.g., AWS, Azure, GCP) and their native security services, with the ability to perform threat hunting across diverse cloud environments.
Experience and strong interest in leveraging advanced AI capabilities, including Machine Learning (ML) models and Large Language Models (LLMs), to enhance threat hunting, automate analysis, and improve operational efficiency.

Soft Skills:
Exceptional analytical expertise, critical thinking, and problem-solving skills, with a keen attention to detail.
Knowledge of secure architecture and design principles, with the ability to identify potential weaknesses and propose proactive hunting strategies based on system design.
Excellent written and verbal communication skills, with the ability to present complex technical information and metrics clearly to both technical and non-technical audiences.
Demonstrated strong documentation discipline, capable of producing repeatable work and facilitating clean handoffs.
Ability to work effectively in a fast-paced, operational environment, including flexibility for non-standard work hours in response to cybersecurity incidents.
A strong aptitude for continuous learning and adapting quickly to new technologies and threat landscapes.
Understanding of regulatory compliance and data privacy requirements relevant to cybersecurity operations.

Preferred Qualifications
Industry certifications such as SANS FOR508, CISSP.

Languages: English (Overall - 3 - Advanced)

Looking for members to join our mobile phone business
“They cannot succeed if they step into the field at this late date” Some people say Rakuten is reckless in trying to enter the mobile communications business. However, innovation is realized if we succeed when something seems impossible. At Rakuten, we think the world changes when we achieve such changes. Because our history has always been a series of innovations since our establishment. Launching a communication carrier is an opportunity that we have once in our lives. Crack open the current communication industry. Blow new wind into life. Why not create innovation with us? Why not do something big?
Responsibilities
The Senior Cyber Threat Hunter will proactively identify and mitigate advanced threats to strengthen Rakuten Mobile's cyber defense posture. This includes developing threat hunting campaigns, collaborating with teams to enhance detection, and providing incident support.