Security Analyst-Security Risk & Compliance
USA-CA-San Diego-Via Esprillo / 721
10 days ago
PlayStation isn’t just the Best Place to Play —it’s also the Best Place to Work. We’ve thrilled gamers since 1994, when we launched the original PlayStation. Today, we’re recognized as a global leader in interactive and digital entertainment. The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Reporting to the Senior Manager of Security Risk & Compliance, the Security Analyst will ensure that policy and compliance documentation, requirements and controls are accurately and timely identified, mapped, tracked, reviewed, and reported for the organization to increase security posture. The Security Analyst will ensure that documentation, data, assessment information, and GRC program information are kept up to date. Working closely with other members of the Security Team to manage and support security administration tasks and security projects. This position requires a detail-oriented individual able to efficiently analyze and resolve problems.
- Monitor and review IT security controls to identify operational effectiveness
- Assist with implementation of Security Risk Assessment methodology, policy, strategy and process
- Assist with mapping controls to policies, procedures, and processes to ensure adequate coverage
- Perform process and control walkthroughs and document control narratives as assigned
- Perform third party and internal risk assessments
- Assist with access control management and reviews
- Assist with IT remediation efforts and track completion status of deficiencies
- Assist in the ongoing maintenance and process improvements of compliance programs (e.g. PCI DSS, SOX, etc.)
- Provide security consulting services to the internal business owners and partners
- Maintain clear communications, documentation, and timely support for security policy and compliance activities
- Work with GRC and InfoSec tools to collect and maintain security and risk information
- Update project and status reports as needed
- Assist with policy and standards research, development, review and maintenance
- Assist with data governance program
- Preferred 5+ years’ experience in Information Security or Information Technology field. Internship may be substituted for experience
- Bachelor’s degree in Computer Science, IT or Information Security
- Cloud Security foundational knowledge preferred.
- Experience working within a team to deliver and track solutions
- Ability to identify, monitor and remediate security compliance issues
- Hands-on experience working with GRC tools a plus.
- Ability to complete assigned work on time and to specifications
- Strong verbal and communication skills with all levels of the business on security issues
- Willingness to acquire in-depth knowledge of security standard methodologies, technologies and products and continuously improve these skills
- Must be self-motivated, able to work independently, and multi-task effectively
- Experience in using tools and techniques for planning, organizing and implementing projects
- CISSP preferred or willingness to obtain
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to race, color, religion, gender, pregnancy, national origin, ancestry, citizenship, age, legally protected physical or mental disability, covered veteran status, status in the U.S. uniformed services, sexual orientation, marital status, genetic information or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
We sincerely appreciate the time and effort you spent in contacting us and we thank you for your interest in PlayStation.