Senior Manager Cyber Defense jobs at Sony in United States, Arlington

Job Responsibilities:

• Manage a team of Cyber Defense Engineers, executing on the strategic vision of the organization, determining team priorities, assigning work, performing administrative actions, and other managerial duties

• Lead engagements with Sony Group Companies (SGCs) to identify cyber security requirements, understand Sony’s corporate structure and IT environments, gather IT asset inventories, and facilitate implementation of GSIRT projects

• Plan the deployment of hardware and software based cyber security tools to locations on-prem and in cloud environments

• Ensure data on-boarding goals as met from on-prem, cloud (IaaS), andsoftware-as-a-service(SaaS) systems into GSIRT’s Security Incident Event Management (SIEM) system

• Identify requirements for operational processes, procedures, and documentation related to GSIRT’s cyber security engineering program and ensure they are developed in a timely manner

• Prioritize the review of vulnerabilities for potential impact to SGCs and work with SGCs to prioritize remediation or deployment of mitigating controls

• Monitor SIEM solutions for cyber security incident data and provide engineering support to incident response activities

• Develop and report on security engineering program metrics and key performance indicators

• Role requires flexible work hours and on-call duties during non-standard business hours to support the needs of a global corporation

• Other duties related to cyber defense as assigned

• Honesty, trustworthiness and ethical conduct are material requirements for the responsibilities outlined above

• Experience leading or managing a technical team, preferably a team in a cyber defense related discipline

• Broad understanding of information technology, cyber security concepts, and cyber security tools

• Understanding of processes and procedures for the aggregation, transport, and on-boarding of machine data into SIEM solutions

• Experience with one or more programming languages, such as Python

• Working knowledge of networking technologies and protocols; including TCP/IP and standard Internet related protocols

• Competency in one or more data query languages, such as SPL

• Comfort working from the command line interface and leveraging shell scripts to automate repetitive tasks

• Experience with configuration management solutions, SaltStack or Ansible

• Basic understanding and awareness of privacy laws and regulations

• A degree in Computer Science, Computer Engineering, Cyber Security, Information Technology or related subject matter is preferred

• Experience with IaaS cloud providers, such as Amazon Web Services (AWS) and Azure, certifications preferred.

• Experience with CI/CD pipelines and tools, GitLab preferred.

• Experience with project management, preferable Agile management approaches and tools

Job Responsibilities

• Act on behalf of the SD, Cyber Defense in key meetings and as a representative of the organization with Sony Group companies and executive leadership.

• Provide leadership and guidance to Cyber Defense Teams (CDT) operations during the US and EU time zones, acting as a lead and escalation point with the CDT organization.

• Function as a gatekeeper and oversee the flow of communication between cyber defense teams and shared service teams.

• Provide guidance to the CDT management team by providing expert advice to enhance overall team efficiency and delivery.

• Build strong relationships with internal and external stakeholders, representing the SD’s interests and promoting effective collaboration across teams.

• Oversee the execution of key projects and initiatives, monitor progress, identify potential risks, and ensure alignment with organizational goals and timelines. Monitor projects, ensuring the program meets milestones, deliverables, budget, and objectives.

• Conduct research, gather data, and provide analysis to support making informed decisions related to security investments, resource allocation, and risk management.

• Honesty, trustworthiness and ethical conduct are material requirements for the responsibilities outlined above.

• 7+ years of experience leading cyber security teams in large, enterprise environments

• Demonstrated understanding of the cybersecurity and cyber intelligence lifecycles

• Understand prioritization of critical vulnerabilities and remediation for an enterprise

• Experience with cyber crisis management, incident response and remediation preferred.

• Ability to engage with business stakeholders translating detailed analysis into relevant products.

• Exceptional ability to understand and direct or delegate operational work.

• Ability to achieve organizational goals through indirect influence and working in matrixed environments.

• Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues to audiences with varying degrees of understanding.

• Ability to direct and prioritize multiple projects and tasks simultaneously.

JOB RESPONSIBILITIES

• Conduct end to end risk assessments to identify, assess, and measure information security risks for Assets and Third Parties.

• Prepare risk assessment reports to support management action, escalation and risk acceptance processes resulting from risk assessments.

• Manage relationships with security, technology, privacy and business stakeholders to identify and communicate security risks and mitigation strategies.

• Provide risk consulting and training to business, technical, and other Information Security partners.

• Prepare for and support audits related to cybersecurity compliance for internal processes of CISD.

• Maintain and regularly update the risk register.

• Collaborate with key stakeholders to gather and document business requirements and enhancement requests to advance the organization’s Governance, Risk, and Compliance (GRC) capabilities within the global GRC platform.

• Develop test cases and conduct system integration testing for GRC enhancements, validating results throughout the testing process.

• Identify opportunities to enhance risk posture by proposing solutions for remediation or mitigation of risks and assessing residual risks.

• Provide guidance and education on specific security policies pertinent to requesting organizations and their projects and applications.

• Deliver status reports and provide ad hoc Governance program support as necessary.

• Honesty, trustworthiness and ethical conduct are material requirements for the responsibilities outlined above

• Bachelor’s degree in Information Security, Information Systems, Engineering or related discipline.

• 8-10 years of total work experience preferred.

• 2-3 years GRC experience preferred.

• Familiarity with securing one or more of the following is preferred: Artificial Intelligence, Networks infrastructure (network topology, networking technologies), Databases and Operating Systems, IaaS environments, SaaS systems

• Domain expertise in enterprise risk management frameworks and processes, cyber security, or business continuity

• Ability to communicate clearly and concisely with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.

• Must be highly self-motivated.

• Good analytical, research, and problem-solving skills with a keen attention to detail.

• Ability to work on multiple projects, with strong ability to adapt to dynamic work environment and to prioritize tasks accordingly.

• Good oral and written communication skills.

• All candidates must be authorized to work in the USA.

The successful candidate requires channel experience in working with and selling directly/indirectly to Federal Government accounts. They will have a strong understanding of Imaging Photo and Video technology, be a good communicator with excellent interpersonal skills and have the ability to be a problem solver.

Minimum Requirements

• BS degree is required or equivalent

• Must have 3-5 years related experience

• Prior experience with developing and executing on sales to Federal accounts

• Must have a Professional background, strong problem-solving skills, and demonstrated creativity in overcoming sales barriers.

• Must be able to make professional and compelling presentations; communicate effectively to large and small audiences; and have strong organization and time management skills

The anticipated base pay range for this position is $to $97,878The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.