Security Analyst-Security Governance, Risk & Compliance

Job Description

Working with the Senior Manager of Security Risk and Compliance, as a Security Analyst you are a member of a best-in-class security team that coordinates PlayStation's Security Risk, and Compliance program. You will be an integral part of bringing fun and joy to millions of gamers across the globe. By executing security assessments and providing in-depth analysis of risks, you will be providing crucial information to the leadership team in critical decisions that protect PlayStation gamers and the PlayStation Platform. You will act as the domain specialist for all matters of Security Risk, and Compliance.

How you will make an impact:
• Perform hands-on gap and risk assessments to identify, document, and track significant information security risks associated with:
• Cloud and physical IT infrastructure
• Applications
• Development
• Information systems
• Vendors and other third parties
• Work with technical engineering teams in achieving the best and most efficient security controls that also maintain operational effectiveness
• Foster strategic working relationships with technical architects, engineering teams, and platform partners, maintaining a high level of contact
• Develop security remediation efforts and track them to completion
• Work with groundbreaking cloud security tools, as well as GRC tools, to collect and maintain security and risk information
• Provide security consulting services to business owners and partners
• Maintain broad knowledge of standard methodologies and trends in the field of Information Security and other technologies relevant to systems operated by the Operations and Engineering teams
• Collaborate with technical teams, partners and leadership teams to translate security risk mitigation plans into meaningful actions to mitigate risk
• Support the PlayStation Security Risk Assessment methodology, policy, strategy and process

What you need to succeed:
• Experience implementing or assessing security in a cloud-hosted environment
• Knowledge of security technologies, information systems, and risk assessment methodologies
• Must have demonstrable ability to take initiative and collaborate with technical and non-technical teams to further the goals and mission of PlayStation Security

What would help you even more:
• 5+ years information security experience working within the technical arena
• Regulatory Compliance programs as well as their technical and security requirements (PCI, SOX, etc.)
• Proven technical background in IT systems and networking in Cloud environments
• Knowledge and experience pertaining to:
• AWS (or similar) cloud security and infrastructure
• Web infrastructure security
• Network security tools (IDS/IPS, firewalls, etc.)
• Encryption technology and implementation
• Database security
• Operating system security and hardening
• Excellent analytical, evaluative, and problem-solving abilities
• Excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences.
• Experience in security standards such as ISO 27001, 27002, 27005; NIST, COBIT, ITIL
• Technical certifications within the area Security are a strong plus (CISSP, CCSK, CCSP or equivalent)
• Must have the ability to work within a team of highly qualified security specialists and multi-task effectively
• A bachelor's degree in Cyber Security, Information Security, or Computer Science

Jobcode: Reference SBJ-reo8y5-3-15-190-144-42 in your application.