Information Security Analyst
United Kingdom, London
Applications have closed
PlayStation Global
Erkunde die neue Generation von PlayStation 4- und PS5-Konsolen – erlebe immersives Gaming mit Tausenden Spiele-Hits aus allen Genres, die die Regeln für das, was eine PlayStation-Konsole kann, neu schreiben.Why PlayStation?
PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, acclaimed PlayStation software titles from PlayStation Studios, and more.
PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.
The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Role overview:
PlayStation is looking for an Information Security Analyst to join our team and operate the day-to-day Governance, Risk and Compliance management processes for the European Region.
The successful candidate will help to maintain and improve our Information Security Management System, as well as have opportunities to work on projects that deliver our global security strategy.
Based in San Diego, the candidate will be working with business, technical and third party partners as well as working collaboratively with the wider Information Security team across the globe.
What you’ll be doing:
- Coordinates all aspects of information security and provides consulting services to business units and other partners.
- Responsible for the day to day tasks related to key Information Security Management System (ISMS) processes and maintaining our ISO27001 certification.
- Supports the security risk assessment methodology, policy, strategy, and process by performing hands-on gap and risk assessments to identify and document information security risks associated with applications, information systems, cloud and physical IT infrastructures.
- Supports the third-party due diligence and assurance assessment processes and able to articulate and advise on associated risks to the business, contractual requirements and resulting recommendations.
- Triage information security incidents, working with our 24/7 SOC teams, business partners and related third parties, as well as be responsible for reporting and raising where necessary.
- Works with business partners to identify and implement information security requirements related to projects and engagements.
- Develops information security awareness communications and education programs to the business.
- Monitors and reviews IT security controls to identify operational efficiency.
- Supporting the Information Security Manager, performs security audits related to business areas, processes or third parties.
- Maps controls to policies, standards, procedures, and processes to ensure compliance.
- Identifies remediation requirements and can negotiate, track and report on remediation efforts.
- Works with GRC and other security tools to collect and maintain security and risk information.
- Maintains broad knowledge of industry trends in the field of information security and other technologies relevant to systems handled by the operations teams.
- Work with technical teams, partners, and leadership teams to translate security risk mitigation plans into action items to mitigate risk.
- Advances the SIEE InfoSec program via partnerships with shared services teams within information security.
What we’re looking for:
- At least three years of related work experience.
- Experience in business partner/stakeholder management.
- Experience in security due diligence and audits.
- Proven technical background in Information Security risk management, including work related to IT systems and networking
- Experience implementing or assessing security in a cloud-hosted environment.
Desirable Knowledge and Skills:
- Familiarity with AWS (or similar) cloud security and infrastructure
- Knowledge of and experience with SaaS and web infrastructure security
- Privileged access management
- Microsoft Windows and Apple Mac OS hardening
- Policy administration
- Security standards such as SOX, ISO 27001, NIST, PCI
- Ability to handle parallel tasks and accurately detail resolutions
- Excellent attention to detail and meticulous in approach
- Excellent verbal and written communication
- Outstanding independent problem-solving experience
- Bachelor’s degree in Computer Science, Electrical Engineering, Information Security, or related field or equivalent experience
- CISSP and/ or CCSP preferred
Benefits:
- Discretionary bonus opportunity
- Private Medical Insurance
- Dental Scheme
- London Allowance (if applicable)
- 25 days holiday per year
- On Site Gym
- Subsidised Café
- Free soft drinks
- On site bar
- Access to cycle garage and showers
Equal Opportunity Statement:
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy or maternity, trade union membership or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS CCSP CISSP Cloud Compliance Computer Science Governance ISMS ISO 27001 NIST Risk assessment Risk management SaaS Security strategy SOC SOX Strategy Windows
Perks/benefits: Fitness / gym Health care Insurance
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs