Director, Security Engineering

NA / San Diego Via Esprillo 40

Sony

Learn about Sony Group Corporation's Businesses and Products; our initiatives in Technology, Sustainability, and Design; and recent Press Releases, Career opportunities, and Investor Relations info.

View company page

Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Interactive Entertainment LLC, Sony Music Entertainment, Sony Music Publishing and Sony Pictures Entertainment Inc. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more: www.sony.com/en.
 

DEPARTMENT OVERVIEW

The Corporate Digital Transformation (DX) team's goal is to enable the transformation of SONY, and its component companies into data-driven and AI-driven companies enabled by innovative technology. Information sharing within and across SONY operating companies is critical to these transformations, and success in doing so requires innovation and precision in approaches to information security. In order to encourage and accelerate these transformations, the DX team is also building and operating information systems that enable sophisticated data analysis and cross-company sharing of some of the most sensitive information that SONY handles. These DX systems include complex, state-of-the-art data transformation and analytics platforms, and include high-performance, customer-facing services that will be incorporated into products and services of multiple SONY companies.

Strong, consistent, innovative information security approaches are necessary both within the DX systems, and in the various operating company systems that incorporate the DX services, and that share, analyze, and consume information in the emerging data-driven SONY.

POSITION SUMMARY

The primary role of the Director, Security Engineering is to serve as the lead engineer for the information and product security area of SONY’s digital transformation, which involves leading the transformation and modernization of DX product security architectures in alignment with SONY's strategic initiatives. This is a critical global engineering role in SONY’s DX and security areas and requires substantial technical leadership and coordination within the DX program, and with teams throughout SONY.

This position will be a part of the team responsible for establishing a unified enterprise security architecture, and key security controls and models, and being subject matter experts for various security areas to ensure SONY’s DX security practices and controls constantly improve. The team member will have a good balance of business and technical knowledge and will be comfortable across many disciplines of Information Security, Product Security, and Product Development and demonstrate a strong passion for all three.

The employee will engineer solutions which provide for the protection of some of SONY’s most important information assets and services, particularly those related to cross-company sensitive information sharing and critical common platforms, and work towards the design of solutions which coordinate interactions and processes between the systems which provide that protection. This may include but it is not limited to assessment of solutions available in the marketplace, integration design, and preparing the company for operationalization of security technologies. Similarly, the employee will participate in change management efforts and will frequently be asked to perform advisory functions for both DX and other departments.

The employee will lead the development and maintenance of the deployment blueprints for all security technology to be implemented within the DX environment, as well as supporting the creation of architectural documents required to support budgetary approval processes. This will include the creation of technology architecture diagrams, information flows and processes, as well as requirements for security monitoring, PKI dependencies, and access control. The blueprints will be expected to be reusable across SONY wherever possible.

The employee will be required to work with the existing Product Development groups to understand the systems and applications, integration points and data flows. Documented security requirements, solutions architectures, design specifications, etc. will be created and maintained to ensure the security objectives of the organization are met.

The employee will be an innovative and strategic thinker with an open and collaborative style that fosters teamwork, sustains a learning environment for staff, and works within the Company culture to provide solutions that meet the Company’s joint business and security objectives, including efforts to continue the safe adoption advanced security, AI, and ML technologies.

The employee will have specific responsibilities for architecture and engineering functions as they relate to cloud computing, specializing in Amazon Web Services (AWS), including development of security solutioning, recommendations, presentation materials and risk management activities regarding technologies such as AWS IAM, EC2, S3, ECS/EKS/Fargate, Lambda, and others. Additionally, they will lead efforts related to specification, identification, and integration of other third party and SONY-developed technologies including Snowflake, Google GCP, and Microsoft Azure.

We want to invite those who have the experience and knowledge to join the team responsible for all aspects of product security and cybersecurity of the DX products and projects, which enables SONY to be a better data-driven company.

JOB RESPONSIBILITIES

This position involves a pivotal role being the senior engineer delivering advanced technology solutions to stakeholders in SONY HQ and throughout SONY companies. Examples are teams in R&D, product development and support, sales and marketing, legal, privacy, product security, information security, and SONY’s operating companies across the globe in creating and operating a secure environment for DX products and projects. Below are the main areas to lead engineering efforts for global DX activities:

1. Transformational Security Engineering:

  • Spearhead the design and implementation of secure DX product architectures, particularly on AWS and Snowflake with a primary focus on large data platforms and authentication services, ensuring they align with SONY’s strategic objectives.

  • Champion the adoption of advanced security, AI, and ML technologies to enhance the DX organization’s security posture.

2. Subject Matter Expertise:

  • Establish yourself as a subject matter expert in various security areas, providing guidance and insights to ensure continuous improvement of DX security practices and controls.

3. Information Asset Protection:

  • Engineer solutions to protect SONY's DX critical information assets and services, particularly those related to cross-company sensitive information sharing and critical common platforms.

4. Integration and Operationalization:

  • Assess security solutions available in the marketplace or needing custom development and design integration strategies to prepare the company for operationalizing security technologies effectively.

5. Change Management and Advisory Functions:

  • Participate in change management efforts related to security initiatives, providing advisory support to both DX and other departments as needed.

6. Deployment Blueprints and Architecture:

  • Develop and maintain deployment blueprints for all security technologies within the DX environment.

  • Create architectural documents supporting budgetary approval processes and ensuring reusability across SONY.

7. Collaboration with Product Development:

  • Collaborate with existing Product Development groups to understand systems, applications, integration points, and data flows.

  • Document security requirements, solutions architectures, and design specifications to meet organizational security objectives.

8. Strategic Innovation:

  • Demonstrate strategic and innovative thinking, fostering a collaborative environment that promotes teamwork and encourages a learning culture supporting partners of the team.

9. Cloud Security Expertise:

  • Specialize in cloud computing, particularly Amazon Web Services (AWS), and lead efforts related to security solutioning, risk management activities, and integration of other third-party and SONY-developed cloud technologies.

10. Continuous Improvement:

  • Drive continuous improvement in security practices and technologies, staying up to date with the latest security trends and emerging threats.

11. Data-Driven Solutions:

  • Enable SONY to be a better data-driven company by implementing secure data practices and ensuring the confidentiality, integrity, and availability of DX products and projects.

12. Collaborative Partnership:

  • Collaborate with internal teams, external vendors, and partners to align security efforts with business goals and foster a secure ecosystem within SONY's DX division.

13. Incident Response:

  • Provide support as needed during security incidents and breaches, collaborating with other teams to ensure timely and effective response.

  • Provide technical expertise, perform investigation, and provide summarization as needed to support incident response processes.

QUALIFICATIONS FOR POSITION

Your qualifications and experience should include:

  • 10+ years of deep IT and cybersecurity engineering experience for complex technical enterprises, services, and products

  • 5+ years of leading security engineering efforts related to DevOps / SecDevOps in large/complex AWS environments, ideally including Snowflake database systems and non-AWS cloud platforms as well.

  • 3+ years leading large and complex security architecture efforts in enterprise environments.

  • Experience with advanced security technologies, AI, and ML applications in the security domain.

  • Deep experience in cybersecurity engineering and operations

  • Superb collaborator and communicator, comfortable, confident, and experienced in guiding abstract into actions.

  • Strong sense of ownership as it relates to project management, and a bias for structure and action.

  • Ability to facilitate both discussion and outcomes with multiple stakeholders across the world in complex technical and organizational situations.

  • Application knowledge, IT infrastructure, and network knowledge in SONY group are a plus.

  • Japanese language skills are a plus.

  • Network within the SONY group is a plus, as the role requires both consensus and community building among operating companies.

  • Flexible work time for the stakeholders in US East, US West, and Japan.

In addition to competitive pay and benefits, we offer an environment and culture that promotes Diversity, Equity, and Inclusion. We are committed to creating an inclusive employee experience for you to thrive as part of Sony’s purpose to “fill the world with emotion through the power of creativity and technology.”

Benefits:   

SCA offers benefits-eligible employees (generally regular employees scheduled to work 20 or more hours a week) a comprehensive benefits program that offers coverage and support for employees and their family’s physical, emotional, and financial well-being.  

 What we offer you:

  • Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA) 

  • Employee assistance plan and comprehensive behavioral health benefits

  • Fertility benefits, including, surrogacy, and adoption assistance programs   Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children 

  • Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance 

  • Short-term & long-term disability plans  

  • Up to 12 weeks of paid parental and caregiver leave 

  • 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting

  • Education assistance and student loan programs   

Other Programs: 

  • Flexible Work Arrangements, including remote and hybrid work schedules

  • Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year’s Day (based on business needs)

  • Referral bonuses (subject to eligibility)  

  • Matching gift program  

  • A wide variety of employee business resource groups (EBRGs)  

  • Special discounts on Sony products, offered exclusively to Sony employees

  • Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions) 

The anticipated annual base salary for this position is as follows: Los Angeles, CA: $190-200,000, San Diego, CA: $180-190,000. This range does not include any other compensation components or other benefits that an individual may be eligible for. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.  

#LI-KD1

Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.

Disability Accommodation for Applicants to Sony Corporation of America

Sony Corporation of America provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. For reasonable accommodation requests, please contact us by email at careers@sonyusa.com or by mail to: Sony Corporation of America, Human Resources Department, 25 Madison Avenue, New York, NY 10010. Please indicate the position you are applying for.

EEO is the Law

EEO is the Law Supplement

Right to Work (English/Spanish)

E-Verify Participation (English/Spanish)

While SCA does not require employees to be vaccinated against COVID-19, there are certain Sony offices that require employees to be vaccinated in order to enter.  If you will be located at or travel to those offices, you will be required to be fully vaccinated to enter.  The Company will consider requests for reasonable accommodations for documented medical reasons and for sincerely held religious beliefs in accordance with applicable law.  Please do not include proof of vaccination status or any indication of a possible request for a vaccination accommodation when submitting your application materials.  If applicable, the Company will follow up with you directly to request proof of vaccination and to discuss any potential accommodations. 

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Analytics AWS Azure Cloud DevOps EC2 GCP IAM Incident response IT infrastructure Lambda Monitoring PKI Privacy Product security R&D Risk management S3 Snowflake

Perks/benefits: 401(k) matching Career development Competitive pay Equity Fertility benefits Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave Parental leave Salary bonus Team events

Region: North America
Country: United States
Job stats:  13  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.