The Security Analyst is a member of the Office of the Information Security Officer (ISO) for corporate operations; this team oversees all aspects of information security via its partnership with shared services teams within information security and is solely responsible for risk assessment, product management, and departmental risk briefings.
Primary responsibilities for the Senior Security Analyst include assurance testing, product management, and internal consultancy.
Additional detailing of primary responsibilities:
- Review of critical systems and processes, including, but not limited to:
- Cloud (IaaS, PaaS, SaaS)
- Operational processes (software development, system administration, etc.)
- Review of exemption mitigation plans
- Support the security risk assessment methodology, policy, strategy and process
- Optimize systems along dimensions of efficiency and cost
- Decompose epics into stories and articulate stories as requirements
- Lead projects / Support projects as the Information Security representative
- Develop novel approaches where needed; improve existing practices when necessary; and, always document to ensure accuracy and portability
- Prepare and Present Risk Briefings to Senior Staff (Senior Vice President and above)
- Consult & Design Security Controls for New Technology Implementations
- Five (5) years information security experience
- CISSP or SANS GPPA certification preferred, or relevant information security experience
- Linux/Unix OS and Windows administration knowledge
- Policy administration knowledge
- Excellent verbal and written communication skills
- Excellent independent problem solving experience
- Quality and network security focused
- Excellent Troubleshooting abilities and experience
- Ability to manage parallel tasks and accurately document resolutions
- Experience with or current understanding of security policies and procedures
- Direct experience with security infrastructure administration
- Direct understanding of Scripting (e.g., PERL, Python, shell scripting)
- Agile project management framework knowledge
- Candidate must possess a strong ability to analyze problems, make decisions, and have a concern for quality in their work.
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to race, color, religion, gender, pregnancy, national origin, ancestry, citizenship, age, legally protected physical or mental disability, covered veteran status, status in the U.S. uniformed services, sexual orientation, marital status, genetic information or membership in any other legally protected category.