Analyst, Secure@Sony

Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Interactive Entertainment LLC, Sony Music Entertainment, Sony Music Publishing and Sony Pictures Entertainment Inc. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more: www.sony.com/en.
 

POSITION SUMMARY 

 Sony Corporation of America (SCA) is seeking an Analyst, Secure@Sony to join the Corporate Information Security Division. This position will report to the Senior Manager, Vulnerability Management, Integrated Threat Defense and be a part of the team responsible for establishing a unified approach to awareness, reporting and prevention of vulnerabilities impacting Sony.  

Specifically, the position is responsible for Sony’s Vulnerability Disclosure and bug bounty program (Secure@Sony) and the program management functions that enable execution of an enterprise information security and privacy strategy across Sony.  

Sony must secure its information assets, services, and products to build stakeholder trust and protect the privacy of Sony’s customers. This is a position for those interested in pursuing a career in the realm of cyber security on a global scale.  

JOB RESPONSIBILITIES 

• Lead the day-to-day operations of the “Secure@Sony” program  

• Work with Sony business units and technical teams to analyze vulnerabilities, coordinate response actions when required, and track items to closure   

• Validate security findings reported to the Secure@Sony program  

• Responsible for vendor partner oversight, tracking reported issues to resolution and communicating with the cybersecurity community  

• Maintain program metrics and report status for executive management  

• Apply sound judgement to rapidly evolving high-impact situations and escalate to executive leadership as appropriate  

• Manage business sensitive relationships with internal and external stakeholders in a professional manner  

• Identify process improvement opportunities that are aligned with Sony’s information security objectives  

QUALIFICATIONS FOR POSITION 

 Your qualifications and experience should include:  

• Proven experience with vulnerability disclosure and bug bounty programs  

• Project management experience with the ability to prioritize multiple tasks and respond to critical tasks, organize, and schedule work effectively. Experience managing a bug bounty program is a plus, but not required  

• Strong technical knowledge of OWASP Top 10  

• Comfortable using security testing tools including BurpSuite and Kali Linux  

• Experience with using vulnerability scoring frameworks such as CVSS  

• Ability to communicate effectively and tactfully with executives, managers, and all levels of personnel  

• Excellent analytical and problem-solving skills 

• ​​Minimum of five (5) years of experience in Cyber Security or a related field is a plus  

• Bachelor’s degree, preferably in Cyber Security, Information Technology, or a related field is a plus, but not required  

• Ability to travel domestically and internationally as required, up to 5%  

• All candidates must be authorized to work in the USA  

In addition to competitive pay and benefits, we offer an environment and culture that promotes Diversity, Equity, and Inclusion. We are committed to creating an inclusive employee experience for you to thrive as part of Sony’s purpose to “fill the world with emotion through the power of creativity and technology”. 

Benefits:    

SCA offers benefits-eligible employees (generally regular employees scheduled to work 20 or more hours a week) a comprehensive benefits program that offers coverage and support for employees and their family’s physical, emotional, and financial well-being.   

 What we offer you: 

• Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA)  

• Employee assistance plan and comprehensive behavioral health benefits 

• Fertility benefits, including surrogacy, and adoption assistance programs   

• Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children  

• Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance  

• Short-term & long-term disability plans   

• Paid parental and caregiver leave   

• 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting 

• Education assistance and student loan programs    

Other Programs:  

• Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year’s Day (based on business needs) 

• Referral bonuses (subject to eligibility)   

• Matching gift program   

• A wide variety of employee business resource groups (EBRGs)   

• Special discounts on Sony products, offered exclusively to Sony employees 

• Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions)   

• Annual incentive bonus 

The anticipated annual base salary for this position is $130,000 to $145,000. This range does not include any other compensation components or other benefits that an individual may be eligible for. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.  

#LI-SC1

Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.

Disability Accommodation for Applicants to Sony Corporation of America

Sony Corporation of America provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. For reasonable accommodation requests, please contact us by email at careers@sonyusa.com or by mail to: Sony Corporation of America, Human Resources Department, 25 Madison Avenue, New York, NY 10010. Please indicate the position you are applying for.

EEO is the Law

EEO is the Law Supplement

Right to Work (English/Spanish)

E-Verify Participation (English/Spanish)

While SCA does not require employees to be vaccinated against COVID-19, there are certain Sony offices that require employees to be vaccinated in order to enter.  If you will be located at or travel to those offices, you will be required to be fully vaccinated to enter.  The Company will consider requests for reasonable accommodations for documented medical reasons and for sincerely held religious beliefs in accordance with applicable law.  Please do not include proof of vaccination status or any indication of a possible request for a vaccination accommodation when submitting your application materials.  If applicable, the Company will follow up with you directly to request proof of vaccination and to discuss any potential accommodations.