1. 株式会社マネーフォワード
  2. 株式会社マネーフォワード 採用情報
  3. 株式会社マネーフォワード の求人一覧
  4. Security Specialist(Product Security), CISO Office, Tokyo

Security Specialist(Product Security), CISO Office, Tokyo

  • 正社員

株式会社マネーフォワード の求人一覧

Security Specialist(Product Security), CISO Office, Tokyo | 株式会社マネーフォワード

Overview

At Money Forward, we develop a wide range of popular services, including our automated personal financial management tool "Money Forward ME" and the "Money Forward Cloud" suite for businesses. Our ecosystem is powered by advanced technologies such as "Account Aggregation" and our single sign-on system, "Money Forward ID."

As our services handle sensitive financial data, we maintain the highest standards of security. The CISO Office works closely with our business units to ensure and enhance the security of our products. This includes the governance and visualization of major cloud platforms like AWS and GCP, as well as the design, implementation, and operation of common security features such as WAF. Additionally, the CISO Office is responsible for strengthening the security of our internal information systems.

To provide a safe and secure experience for even more users, we are looking for a Security Specialist to join our team.

About the CISO Office

Our mission is to "Maximize the value delivered to our customers through security." We define and create the ideal security state for the entire Money Forward Group.

Preventing service downtime and information leakage is, of course, critical. However, that is only one part of what we value. Excessive security measures can slow down development, potentially reducing or delaying the value we provide to our customers. As security professionals, we constantly ask ourselves how we can maximize customer value and implement the most optimized security solutions to achieve that goal.

Security Principles

We consider the ideal state of security and our organization through three core themes:

  1. Embedded security in business strategy

Security does not exist in a vacuum. We design security measures in alignment with business strategies, taking into account the current business phase, costs, projected revenue, and potential loss in the event of a risk.

  1. Advanced balancing between security and experience

The highest level of security is not always the "right" answer. Over-securing can increase costs and compromise user convenience. We must assess risks and always consider the most suitable security measures. Instead of simply avoiding risk, we sometimes choose to take calculated risks to pursue maximum user value. To achieve a sophisticated balance between convenience and security, we actively promote automation and autonomous systems.

  1. Autonomous and scalable organization of security

As the Money Forward Group grows into a larger development organization, we aim to deliver even greater value. If the CISO Office handles every single security function, we will become a bottleneck and fail to scale. Each development department must be able to build secure services autonomously. The CISO Office focuses on building the frameworks and providing the support necessary to enable this autonomy.

Responsibilities and Duties

In this position, you will leverage your knowledge and experience in coding and infrastructure to maintain and enhance the security of Money Forward in collaboration with developers and IT infrastructure teams. As a Product Security Specialist, you will drive the following initiatives alongside other security specialists in the CISO Office:

  • Establishment of security guardrails for AWS, Azure, and GCP environments.
  • In-house security consulting: Providing technical advice on security and conducting architecture reviews for our developers.
  • Vulnerability assessments and penetration testing: Performing or supporting security evaluations.
  • Vulnerability intelligence: Collecting and verifying vulnerability information, including OSINT (Open Source Intelligence).
  • Security tool development: Developing tools and scripts to automate or enhance security.
  • Framework implementation: Implementing and deploying security frameworks such as NIST CSF and CIS Controls.
  • DevSecOps implementation: Integrating security into modern development workflows, including K8s, Docker, and CI/CD pipelines.

Required Skills and Experience

  • Foundational understanding of computer science, including networking, operating systems, data structures, and cryptography.
  • Experience in software development with at least one programming language, or hands-on experience practicing Security by Design.
  • Business-level English communication skills.
  • Knowledge or experience in any of the following areas:
    • Vulnerability assessment
    • Penetration testing or Red Teaming operations
    • Forensics, malware analysis, or incident response
    • Cloud security
    • Architecture reviews
    • Building and operating DevSecOps workflows
    • Implementation and operation of security solutions (e.g., WAF, IDS/IPS, SIEM)

Preferred Skills and Experience

  • Business-level Japanese communication skills.
  • Experience participating in CTFs (Capture The Flag).
  • Experience in bug hunting or obtaining CVEs (Common Vulnerabilities and Exposures).
  • Relevant certifications such as CISSP, CISM, OSCP, GCIH, etc.
  • Deep understanding of Authentication and Authorization (e.g., OIDC, OAuth).
  • Experience in security-related operations within the Financial or Fintech industry (e.g., knowledge of FISC guidelines).
  • Experience in AI development and/or experience in using AI tools to improve development processes.
    • Money Forward recently announced our AI Strategy roadmap which focuses on improving AI-driven operational efficiencies, as well as integrating AI agents into our products to deliver better value to our users. (More information here)

Language Requirements

  • English: Business level

Work Environment

At Money Forward, we provide an environment where we can create world-class services together, and we are looking forward to welcoming you.

  • Provided PC Specs: We provide PCs equipped with the latest CPUs (MacOS or Windows). Custom-made PCs tailored to business requirements and replacements with the latest OS are also possible.
  • Systems to Enhance the Development Environment: Peripheral devices necessary for work (such as displays, mice, keyboards) can be purchased as office supplies. Generally, you can choose from standard products (catalog), and if conditions are met, you can apply for non-standard products as well.
  • Money Forward Library: We have a library system where you can freely borrow books, ranging from technical books to management books. Desired books can be purchased at the company's expense.
  • Referral Driven: We cover the cost of recruitment meals. There is a referral reward system.
  • Conference Participation Support: The company partially covers participation in domestic and international conferences, such as RubyKaigi and Google I/O.
職種 / 募集ポジション Security Specialist(Product Security), CISO Office, Tokyo
雇用形態 正社員
給与
年収
Monthly salary system
※Includes fixed allowances for up to 45 hours of legal overtime, legal holiday work, and 40 hours of late-night work.
勤務地
  • 108-0023  21F Tamachi Station Tower S, msb Tamachi, 3-1-21 Shibaura, Minato-ku, Tokyo
    地図で確認 
 		 
 
 Salary System  
<Salary Range>
Min 667,000 JPY / month(8.004,000 JPY / year)〜1,417,000 JPY / month(17,004,000 JPY / year)
Each including fixed allowances of 193,649 JPY〜411,347 JPY / month.
 		 
 
 Bonus  
A「High Performance Bonus」may be paid to employees who receive high evaluations based on semi-annual evaluations in addition to their salary.
※Please note that the remuneration of the High Performance Bonus is subject to change according to the company's performance.
 		 
 
 Probation Period  
3 months from join date
 		 
 
 Working Hour System  
Discretionary Labor System for Professional Work
※Conditions apply; subject to change to Flextime System.
 		 
 
 Working Hours  
9:30 - 18:30 (60 min break) are the basic working hours. However, employees are able to choose their working hours at their own discretion.
※There is potential for overtime work outside the determined hours.
 		 
 
 Work Style Policy  
Hybrid work style
・As a standard practice, employees are required to work at the office a minimum of 2 days per week. Employees are encouraged to spend 3 or more days in the office. (This policy may be subject to change based on the company and job circumstances)
・The specific "team office days" may vary depending on the assigned team.
 		 
 
 Holidays/Vacations  
■ Saturdays / Sundays / Japanese national holidays
■ Paid holidays
■ Summer holidays (3 days)
■ Winter holidays (2 days)
■ Year-end and New Year’s holidays (Dec 31st~Jan 3rd)
 		 
 
 Benefits  
■ Various social insurances (employee pension, health insurance, employment insurance, industrial accident compensation insurance)
■ Neighborhood housing allowance and neighborhood moving allowance
■ Salary-based rent deduction benefit 
■ Health check and gynecological checkup
■ Influenza vaccine
■ Book purchases support
■ Defined-contribution corporate pension 
■ Employee stock ownership plan
■ Preferential treatment when using the following services(limited to businesses under contract with Money Forward)
 - Rental agency
 - Housekeeping services
 - Babysitting
 - Online English conversation school
 		 
 
 Selection Process1  
Casual interview/Document Screening
↓
First interview (Depending on the position, there may be a technical assignment before the interview)
↓
Several interviews (The number of interviews depends on the position)
↓
Final interview (We may ask for a reference check before or after the interview)
↓
Job offer/Offer meeting

※The process may be subject to change depending on the case.
 		 
 
 Selection Process2  
■ What are reference checks?
Money Forward may ask for your cooperation with reference checks using a reference check service tool. We believe that mutual understanding is limited to the selection process alone. Therefore, we would like to gather information about you from your supervisor and colleagues at your current or former company to ensure a more reliable match and facilitate your early success after joining our company.
※We do not make employment decisions based solely on the contents of reference checks. 
※The fact that you are in the selection process with us will not be disclosed to referees.
 		 
 
 Notes  
・Range of change in job description: Work as determined by the company
・Range of change in work location: Work location as determined by the company
 		 
 
 Reference Information  
https://recruit.moneyforward.com/#introduction
 		 
 
 
 
 
 会社情報 
 会社名 株式会社マネーフォワード 
 
 代表者  
代表取締役社長グループCEO 辻 庸介
 		 
 
 創業  
2012年5月
 		 
 
 取締役  
金坂 直哉
中出 匠哉
竹田 正信
石原 千亜希
 		 
 
 社外取締役  
田中 正明
倉林 陽
安武 弘晃
宮澤 弦
Ryu Kawano Suliawan
菊間 千乃
 		 
 
 監査役  
畠山 優実
田中 克幸
瓜生 英敏

 		 
 
 CxO・VPox  
瀧 俊雄
山田 一也
坂 裕和
松岡 俊
伊藤 セルジオ 大輔
関田 雅和
松久 正幸
野村 一仁
長尾 祐美子
渋谷 亮
金井 恵子
上利 陽太郎
梅田 康吉
 		 
 
 執行役員  
田平 公伸
本川 大輔
冨山 直道
木村 友彦	
永井 博	
駒口 哲也
廣原 亜樹
島村 誠一郎
永井 七奈
木村 慎治
丸山 嘉伸
吉本 憲文
工藤 裕之
島内 広史
小山 幸宏
渡辺 恵伍
松村 道夫
岩崎 大
 		 
 
 オフィス  
本社オフィス
〒108-0023 東京都港区芝浦3-1-21 msb Tamachi 田町ステーションタワーS 21F


北海道支社
〒060-0061 北海道札幌市中央区南一条西4-5-1 札幌大手町ビル3階

東北支社
〒980-0021 宮城県仙台市青葉区中央2-2-10 仙都会館 5F

東海支社、名古屋開発拠点
〒450-6213 愛知県名古屋市中村区名駅4-7-1 ミッドランドスクエア 13F

京都支社、京都開発拠点
〒604-8004 京都府京都市中京区三条通河原町東入中島町78番地 明治屋京都ビル 4階

関西支社、大阪開発拠点
〒541-0042 大阪府大阪市中央区今橋 2-5-8 トレードピア淀屋橋 9階

広島支社
〒730-0015 広島市中区橋本町9-7 ビル博丈5F

九州・沖縄支社、福岡開発拠点
〒810-0041 福岡県福岡市中央区大名2丁目6-50 福岡大名ガーデンシティ 16F
 		 
 
 社内コミュニケーション活性化の取り組み  
■全社週次/月次朝会/半期総会
■代表との意見交換会(CEOセッション)
■全社懇親会(MF Happy Hour)
■他部門社員との交流会(シャッフルランチ・ディナー)
■上長との定期1on1(ツキイチ面談)
■社内公募制度(MFチャレンジシステム)
■社員満足度調査(MFグループサーベイ)
※一部正社員のみ
 		 
 
 労働条件  
屋内原則禁煙(喫煙室あり)等
 		 
 
 中途採用比率  
2021年11月末 93.8%
2022年11月末 90.0%
2023年11月末 76.6%
2024年11月末 88.7%