Associate Security Analyst-Security Governance, Risk & Compliance
PlayStation isn’t just the Best Place to Play —it’s also the Best Place to Work. We’ve thrilled gamers since 1994, when we launched the original PlayStation. Today, we’re recognized as a global leader in interactive and digital entertainment. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Working with the Manager of Security Risk and Compliance as an Associate Security Analyst you are a member of a best-in-class security team that coordinates PlayStation’s Security Risk, and Compliance program. You will be an integral part of bringing fun and joy to millions of gamers across the globe. By executing security assessments and providing in-depth analysis of risks, you will provide crucial information to the leadership team in critical decisions that protect PlayStation gamers and the PlayStation Platform. You will act as the domain specialist for all matters of Security Risk & Compliance.
How you will make an impact:
- Support hands-on gap and risk assessments to identify, document, and track significant information security risks associated with:
- Cloud and physical IT infrastructure
- Information systems
- Vendors and other third parties
- Work with technical engineering teams in achieving the best and most efficient security controls that also maintain operational effectiveness
- Cultivate strategic working relationships with technical architects, engineering teams, and platform partners, maintaining a high level of contact
- Assist in the development of security remediation efforts and track them to completion
- Work with groundbreaking cloud security tools, as well as GRC tools, to collect and maintain security and risk information
- Provide security consulting services to business owners and partners
- Maintain broad knowledge of standard methodologies and trends in the field of Information Security and other technologies relevant to systems operated by the Operations and Engineering teams
- Collaborate with technical teams, partners and leadership teams to translate security risk mitigation plans into meaningful actions to mitigate risk
- Support the PlayStation Security Risk Assessment methodology, policy, strategy and process
What you need to succeed:
- Experience related to implementing or assessing security in a cloud-hosted environment
- Knowledge of security technologies, information systems, and risk assessment methodologies
- Willingness and drive to take initiative and collaborate with technical and non-technical teams to further the goals and mission of PlayStation Security
What will help you even more:
- 2+ years information security experience working within the technical arena
- Regulatory Compliance programs as well as their technical and security requirements (PCI, SOX, etc.)
- Knowledge of IT systems and networking in Cloud environments
- Familiarity and experience pertaining to:
- AWS (or similar) cloud security and infrastructure
- Web infrastructure security
- Network security tools (IDS/IPS, firewalls, etc.)
- Encryption technology and implementation
- Database security
- Operating system security and hardening
- Excellent analytical, evaluative, and problem-solving abilities
- Excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences.
- Experience in security standards such as ISO 27001, 27002, 27005; NIST, COBIT, ITIL
- Ability to work within a team of highly qualified security specialists and multi-task effectively
- A bachelor’s degree in Cyber Security, Information Security, or Computer Science
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to race, color, religion, gender, pregnancy, national origin, ancestry, citizenship, age, legally protected physical or mental disability, covered veteran status, status in the U.S. uniformed services, sexual orientation, marital status, genetic information or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
We sincerely appreciate the time and effort you spent in contacting us and we thank you for your interest in PlayStation.
PRIVACY NOTICE TO SIE LLC’S JOB APPLICANTS
This Privacy Notice explains what personal information we at Sony Interactive Entertainment LLC collect from you, and why we collect it and use it. This Notice covers our practices regarding the personal information of all applicants to our job positions. Please review it carefully.
Categories of personal information we collect from you
We collect personal information about you throughout the recruiting process, in particular the following categories. Generally, we obtain this information through our Recruiting Team:
Identification and contact information
- Direct identifiers such as your first and last name.
- Indirect identifiers such as a government ID, your Social Security, work permit or passport #.
- Contact information such as your email address, mailing address, telephone number.
Other information about you or that can be associated with you such as:
- Sensitive/Protected Data. During the recruitment process, you may (voluntarily) provide us with your ethnicity, gender, military service information, or physical or mental health information, as well as your national origin and citizenship.
- Professional or job position-related information, including your past professional experience, references; background verification; talent management and assessment; information regarding any conflicts of interests; and the terms and conditions of your job offer.
- Non-public education information, including information about your education records, such as grades and transcripts.