Job Description
We are looking for an Information Security Analyst to join our team and operate the day-to-day Information Security, Risk and Compliance management processes.
You will be the key business relationship partner on behalf of Information Security and work on Information Security processes as well as strategic projects across Playstation and the Studios group. This role will partner directly with business, technical and third party partners, as well as work closely with our other Information Security specialist teams across the globe to protect PlayStation's intellectual property, data and infrastructure whilst delivering new and evolving games, services and hardware to the market.
What you'll be doing:
• Coordinates all aspects of information security and provides consulting services to business units and other partners.
• Supports the security risk assessment methodology, policy, strategy, and process by performing hands-on gap and risk assessments to identify and document information security risks associated with applications, technical configuration, and emerging technologies.
• Articulates and communicates risk to relevant partners, whilst with technical teams, partners, and leadership teams to translate security risk into mitigation plans into action items.
• Negotiates, tracks and reports these remediation efforts within the PlayStation risk programme.
• Supports the third-party due diligence and assurance assessment processes and able to articulate and advise on associated risks to the business, contractual requirements and resulting recommendations.
• Works with business partners from across Playstation and Studios to identify and implement information security requirements related to projects and engagements.
• Monitors and reviews IT security controls to identify operational efficiency.
• Performing security audits related to critical systems and prioritized business scopes.
• Triage information security incidents, working with our 24/7 SOC teams, business partners and related third parties, as well as be responsible for reporting and raising.
• Develops information security awareness communications and education programs to the business.
• Works with GRC and other security tools to collect and maintain security and risk information.
• Maintains broad knowledge of industry trends in the field of information security and other technologies relevant to systems handled by the operations teams.
• Advances the InfoSec program via partnerships with shared services teams within information security.
What we're looking for:
• At least three years of related work experience.
• Experience in business partner/stakeholder management, across technical and non-technical partners.
• Experience in Information Security due diligence and audits.
• Proven technical background in Information Security risk management, including work related to cloud infrastructure, SaaS applications, emerging technology.
• Experience with third party due diligence and contract reviews.
• Self-starter with capability to work comfortably within defined processes to deliver meaningful and risk-managed outcomes.
• Excellent communicator, able to translate both technical and business requirements and terminology to the applicable audience.
Desirable Knowledge and Skills:
• Familiarity with AWS (or similar) cloud security and infrastructure.
• Knowledge of and experience with SaaS and web infrastructure security
• Experience with third party due diligence
• Awareness of security risks associated with AI and other emerging technologies
• Microsoft Windows and Apple Mac OS hardening
• Policy administration
• Security standards such as SOX, ISO 27001, NIST, PCI
• Ability to handle parallel tasks and accurately detail resolutions
• Bachelor's degree in Computer Science, Information Security, or related field or equivalent experience
• CISSP and/ or CCSP preferred
Benefits:
• Discretionary bonus opportunity
• Hybrid Working (within Flexmodes)
• Private Medical Insurance
• Dental Scheme
• 25 days holiday per year
• On Site Gym
• Subsidised Café
• Free soft drinks
• On site bar
• Access to cycle garage and showers
Equal Opportunity Statement:
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.
Jobcode: Reference SBJ-gqw739-34-239-150-167-42 in your application.