Security Analyst-Security Governance, Risk & Compliance
PlayStation isn’t just the Best Place to Play —it’s also the Best Place to Work. We’ve thrilled gamers since 1994, when we launched the original PlayStation. Today, we’re recognized as a global leader in interactive and digital entertainment. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Reporting to the Manager of Security Governance, Risk & Compliance, San Francisco, the Security Analyst will ensure that policy and compliance documentation, requirements and controls are properly and timely identified, mapped, tracked, reviewed, and reported for the organization to increase security posture. Will ensure that documentation, data, assessment information, and GRC program information are kept up to date. In this role you will work closely with other members of the Security Team to manage and support security administration tasks and security projects. This position requires a detail-oriented individual able to efficiently analyze and resolve problems.
- Monitor and review IT security controls to identify operational effectiveness
- Assist with implementation of Security Risk Assessment methodology, policy, strategy and process
- Assist with mapping controls to policies, procedures, and processes to ensure adequate coverage
- Assist with access control management and reviews
- Assist with IT remediation efforts and track completion status of deficiencies
- Support the team to develop and communicate policies, procedures, guidelines, and plans to internal partners regarding security and risk management.
- Maintain clear communications, documentation, and timely support for security policy and compliance activities
- Perform process and control walkthroughs and document control narratives as assigned
- Perform third party security risk assessments
- Collaborate with internal teams and internal auditors throughout compliance assessments process
- Help to find practical solutions to standardize and scale across PlayStation
- Assist in the on-going maintenance and process improvements of compliance programs (e.g. PCI DSS, ISO27001, etc.)
- Support the Security Transformation Program as assigned
- Provide security consulting services to the internal business owners and partners
- Work with GRC and InfoSec tools to collect and maintain relevant information
- Update project and status reports as needed
- Assist with policy and standards research, development, review and maintenance
- Assist with data governance program
- 5+ years’ experience in Information Security or Information Technology field
- Bachelor’s degree in Computer Science, IT or Information Security
- Experience working within a team to deliver and track solutions
- Ability to identify, monitor and remediate security compliance issues
- Ability to identify and define metrics to track program progress and maturity for various partners
- Ability to complete assigned work on time and to specifications
- Strong verbal and communication skills with all levels of the business on security issues
- Willingness to acquire in-depth knowledge of security standard methodologies, technologies and products and continuously improve these skills
- Conceptual, critical thinking, and sound judgment with strategic orientation and experience performing tactically
- Must be self-motivated, able to work independently, and multi-task effectively
- Hands-on experience working with GRC tools a plus.
- Ability to build relationships and influence others across all levels of the organization.
- Experience in using tools and techniques for planning, organizing and implementing projects
- Background and experience with Cloud Platforms, desired
- CISSP preferred or willingness to obtain
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to race, color, religion, gender, pregnancy, national origin, ancestry, citizenship, age, legally protected physical or mental disability, covered veteran status, status in the U.S. uniformed services, sexual orientation, marital status, genetic information or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
We sincerely appreciate the time and effort you spent in contacting us and we thank you for your interest in PlayStation.