Cloud Security Engineer

Why Sony Interactive Entertainment

Sony Interactive Entertainment isnt just the Best Place to Play its also the Best Place to Work. Sony Interactive Entertainment (SIE) is the company behind the PlayStation brand. As a subsidiary of Sony Group Corporation were part of a proud legacy of innovation and excellence. SIE is a dynamic technology company delivering cutting-edge hardware and network services to more than 100 million people and an entertainment leader home to some of the most beloved and recognizable intellectual properties (IP) in the world. Our role at SIE is to create and nurture the experiences under the PlayStation brand a name synonymous with entertainment excellence and creativity.

We are looking for an inspirational and hardworking person to join the Platform Hosting Cloud Security Engineering team at SIE! Youll be joining a team of innovative engineers who are unified in their mission to make PlayStation the best and most secure gaming platform. This support is fulfilled by minimizing impact to the platform while ensuring security needs are met. This role is highly technical and requires a shown grasp of security principles and how they are applied to production environments. You will assist in the planning building development testing and management of security tools and processes that provide protection and visibility of our cloud environments.

Key Responsibilities

Service Mesh & API Security

• Deep expertise with service mesh architectures (e.g. Istio Kong) to enable secure & reliable east-west service communication

• Extensive experience managing and configuring API gateways (e.g. Kong Amazon API Gateway) for internal and external services including:

• Authentication and authorization through OIDC OAuth2 JWT and mTLS

• Secure API exposure and traffic governance

Certificates & mTLS Management

• Strong experience managing PKI and certificate lifecycles including issuance rotation and revocation

• Practical experience deploying and managing mTLS within distributed systems and Kubernetes workloads

• Experience integrating certificate authorities (CAs) and automating certificate management (e.g. cert-manager or similar tools)

• Understanding of trust models and certificate chain validation in zero-trust environments

Security Hardening & Zero Trust

• Strong background in security hardening and zero-trust architecture including:

• Enforcing default mTLS across workloads

• Carrying out infrastructure-level authentication and authorization

• Crafting and maintaining fine-grained access control policies

• Experience building and maintaining zero-trust security models across multi-cluster or distributed systems

• Write and detail security policies and practices with clear practical mentorship to ensure understanding and effective implementation

Kubernetes Security & Access Control

• Strong experience securing Kubernetes environments including:

• Implementing namespace isolation and protection strategies

• Crafting and enforcing access controls and policies

• Managing service accounts and workload identities securely

• Familiarity with Kubernetes security guidelines including least privilege access network policies and workload segmentation

Qualifications

Technical Skills & Platform Experience

• Bachelors degree or equivalent experience required

• Proficiency in scripting and programming languages such as Python and Go

• Demonstrated experience applying and upholding security governance frameworks including security policy enforcement and compliance controls

• Hands-on experience working with multi-cloud environments particularly AWS and GCP

• Strong experience with Kubernetes and containerized environments

• Build and implement security controls and frameworks

• Experience implementing security guidelines (mTLS OAuth2 JWT RBAC ABAC)

• Detect security gaps and lead efforts to mature security tooling and operational processes

• Work closely with product and platform teams to define system requirements engineer and implement cloud based security applications and controls

• Write code to automate security processes which seamlessly integrate into code builds and deployments applying DevSecOps processes and tools

• Develop and deploy automation solutions that help audit secure and affect changes across multi-cloud environments

• Reviewing tools for improving platform availability using automated protection mechanisms

• Experience with monitoring and observability tools (Grafana Datadog)

• Research and recommend new technologies and collaborates on solutions

• Excellent written and oral communication skills. Strong social skills include the ability to articulate to both technical and non-technical audiences. Also strong analytical and problem-solving skills.

• Technical certifications or other demonstrations of passion in security and technology such as CISSP CCSP are a plus!

Please note Sony Interactive Entertainment conducts background checks at the offer stage for all new employees (which may include criminal background checks for some roles) and will need to process personal information to support these checks.

Please refer to ourCandidate Privacy Noticefor more information about what personal information we collect how we use it who we share it with and your data protection rights.

Equal Opportunity Statement:

Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity gender expression and gender reassignment) race (including colour nationality ethnic or national origin) religion or belief marital or civil partnership status disability age sexual orientation pregnancy maternity or parental status trade union membership or membership in any other legally protected category.

We strive to create an inclusive environment empower employees and embrace diversity. We encourage everyone to respond.

Sony Interactive Entertainment is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.