Security Risk Analyst
Security Risk Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 140000 - 210000
1 Vacancy
Job Description
Why PlayStation
PlayStation isnt just the Best Place to Play its also the Best Place to Work. Today were recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation5 PlayStation4 PlayStationVR PlayStationPlus acclaimed PlayStation software titles from PlayStation Studios and more.
PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation technology and play to explore our open positions and join our growing global team.
The PlayStation brand falls under Sony Interactive Entertainment a wholly-owned subsidiary of Sony Group Corporation.
PlayStation is looking for an Information Security Analyst to join our team and operate the day-to-day Information Security Risk and Compliance management processes. This is a mixture of processing requests from the business and driving internal security projects such as security audit and assessment. This role requires a sound understanding of technical and engineering terminology outstanding ability to articulate risk across any security domains (technical and governance) with the demonstrable ability to work independently and process high volumes of security requests on a weekly basis. This role also provides ample opportunity to work across technical and game-related projects with studio and PlayStation engineering teams and therefore requires risk advisory and influencing experience.
Based in San Diego the candidate will be the key business relationship partner on behalf of Information Security and work on Information Security processes as well as strategic projects across PlayStation and the Studios group. This role will collaborate closely directly with business technical and third party collaborators as well as work multi-functionally with our other Information Security specialist teams across the globe to protect PlayStations intellectual property data and infrastructure whilst delivering new and evolving games services and hardware to the market. This is an opportunity to provide security directly to the global PlayStation business our PlayStation Network and global Studios and their game development.
What youll be doing:
- Review triage risk assess and process security requests from technical engineering and business partners that require security input and approvals.
- Work independently to understand collaborator requirements and the security risk involved. Use security policy process and information security expertise to advise collaborators on appropriate solutions that do not open PlayStation up to security risks.
- Review security requirements associated with third party engagement requests and determine what level of third party assurance is required.
- Initiate and support the third-party due diligence and assurance assessment processes and able to articulate and advise on associated risks to the business contractual requirements and resulting recommendations.
- Articulate and communicate risk to relevant collaborators whilst with technical teams partners and leadership teams to translate security risk into mitigation plans into action items.
- Negotiates tracks and reports these remediation efforts within the PlayStation risk programme.
- Coordinates all aspects of information security and provides consulting services to business units and other partners.
- Works with business partners from across Playstation and Studios to identify and implement information security requirements related to projects and engagements.
- Monitors and reviews IT security controls to identify operational efficiency.
- Performing security audits related to critical systems and prioritized business scopes.
- Triage information security incidents working with our 24/7 SOC teams business partners and related third parties as well as be responsible for reporting and raising where necessary.
- Works with GRC and other security tools to collect and maintain security and risk information.
- Maintains broad knowledge of industry trends in the field of information security and other technologies relevant to systems handled by the operations teams.
- Advances the InfoSec program via partnerships with shared services teams within information security.
What were looking for:
- At least four years of related work experience within Information Security risk management or security audit with a sound technical understanding of information technology network or infrastructure management.
- Must be a self-starter comfortable with processing security requests independently initiating discussion with collaborators to drill down on exact requirements and how it aligns to process and policy.
- Experience in business partner/collaborator management across technical and non-technical partners.
- Used to working within critical metrics and SLAs to ensure efficient responses and smooth ticket management.
- Experience in Jira Confluence and GRC tracking and assessment tools.
- Can independently perform information Security due diligence and audits identifying gaps and require mitigations.
- Proven technical background in Information Security including work related to cloud infrastructure SaaS applications emerging technology.
- Ability to understand technical terminology to understand and assess security environment.
- Experience with third party due diligence and contract reviews.
- Excellent communicator able to translate both technical and business requirements and terminology to the applicable audience.
Desirable Knowledge and Skills:
- Familiarity with AWS (or similar) cloud security and infrastructure.
- Knowledge of and experience with SaaS and web infrastructure security
- Awareness of security risks associated with AI and other emerging technologies
- Microsoft Windows and Apple Mac OS hardening
- Policy administration
- Security standards such as SOX ISO 27001 NIST PCI
- Ability to handle parallel tasks and accurately detail resolutions
- Bachelors degree in Computer Science Information Security or related field or equivalent experience
#LI-GM1
Please refer to ourCandidate Privacy Noticefor more information about how we process your personal information and your data protection rights.
At SIE we consider several factors when setting each roles base pay range including the competitive benchmarking data for the market and geographic location.
Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge skills experience and location.
In addition this role is eligible for SIEs top-tier benefits package that includes medical dental vision matching 401(k) paid time off wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Clickhere to learn more.
The estimated base pay range for this role is listed below.
$140000 - $210000 USD
Equal Opportunity Statement:
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity gender expression and gender reassignment) race (including colour nationality ethnic or national origin) religion or belief marital or civil partnership status disability age sexual orientation pregnancy maternity or parental status trade union membership or membership in any other legally protected category.
We strive to create an inclusive environment empower employees and embrace diversity. We encourage everyone to respond.
PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.
Required Experience:
IC
Employment Type
Full Time
