Full Time Job

Security Analyst - Security Governance, Risk & Compliance

Sony Interactive Entertainment

San Francisco, CA 10-19-2020
Apply @ Employer
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description

Reporting to the Manager of Security Governance, Risk & Compliance, San Francisco, the Security Analyst will ensure that policy and compliance documentation, requirements and controls are properly and timely identified, mapped, tracked, reviewed, and reported for the organization to increase security posture. Will ensure that documentation, data, assessment information, and GRC program information are kept up to date. In this role you will work closely with other members of the Security Team to manage and support security administration tasks and security projects. This position requires a detail-oriented individual able to efficiently analyze and resolve problems.

• Monitor and review IT security controls to identify operational effectiveness
• Assist with implementation of Security Risk Assessment methodology, policy, strategy and process
• Assist with mapping controls to policies, procedures, and processes to ensure adequate coverage
• Assist with access control management and reviews
• Assist with IT remediation efforts and track completion status of deficiencies
• Support the team to develop and communicate policies, procedures, guidelines, and plans to internal partners regarding security and risk management.
• Maintain clear communications, documentation, and timely support for security policy and compliance activities
• Perform process and control walkthroughs and document control narratives as assigned
• Perform third party security risk assessments
• Collaborate with internal teams and internal auditors throughout compliance assessments process
• Help to find practical solutions to standardize and scale across PlayStation
• Assist in the on-going maintenance and process improvements of compliance programs (e.g. PCI DSS, ISO27001, etc.)
• Support the Security Transformation Program as assigned
• Provide security consulting services to the internal business owners and partners
• Work with GRC and InfoSec tools to collect and maintain relevant information
• Update project and status reports as needed
• Assist with policy and standards research, development, review and maintenance
• Assist with data governance program

• 5+ years' experience in Information Security or Information Technology field
• Bachelor's degree in Computer Science, IT or Information Security
• Experience working within a team to deliver and track solutions
• Ability to identify, monitor and remediate security compliance issues
• Ability to identify and define metrics to track program progress and maturity for various partners
• Ability to complete assigned work on time and to specifications
• Strong verbal and communication skills with all levels of the business on security issues
• Willingness to acquire in-depth knowledge of security standard methodologies, technologies and products and continuously improve these skills
• Conceptual, critical thinking, and sound judgment with strategic orientation and experience performing tactically
• Must be self-motivated, able to work independently, and multi-task effectively
• Hands-on experience working with GRC tools a plus.
• Ability to build relationships and influence others across all levels of the organization.
• Experience in using tools and techniques for planning, organizing and implementing projects
• Background and experience with Cloud Platforms, desired
• CISSP preferred or willingness to obtain

Company Profile
Sony Interactive Entertainment

Recognized as a global leader in interactive and digital entertainment, Sony Interactive Entertainment (SIE) is responsible for the PlayStation® brand and family of products and services.