Sony Principal Engineer Cyber Defense 

United States, Maryland 

484505917

JOB RESPONSIBILITIES

• Lead engagements with Sony Group Companies (SGCs) to identify cyber security requirements, understand Sony’s corporate structure and IT environments, gather IT asset inventories, and facilitate implementation of GSIRT projects

• Implement and manage Microsoft Azure security services, including Azure Security Center, Azure Active Directory, and Defender for Cloud (policies and frameworks

• Plan the deployment of hardware and software based cyber security tools to locations on-prem and in cloud environments (Azure/AWS/GCP preferred)

• Ensure data on-boarding goals as met from on-prem, cloud (IaaS), andsoftware-as-a-service(SaaS) systems into GSIRT’s Security Incident Event Management (SIEM) system

• Prioritize the review of vulnerabilities for potential impact to SGCs and work with SGCs to prioritize remediation or deployment of mitigating controls

• Work closely with engineering, DevOps, compliance, and executive teams to drive cloud security initiatives and maintain a robust security posture.

• Act as a subject matter expert in cloud security, providing recommendations and insights to stakeholders.

• Monitor SIEM solutions for cyber security incident data and provide engineering support to incident response activities

• Role requires flexible work hours and on-call duties during non-standard business hours to support the needs of a global corporation

• Other duties related to cyber defense as assigned

• Ingest and transform data from diverse sources (e.g., logs, databases, APIs) into Splunk, ensuring proper indexing, field extraction, and sourcetypes (including implementing Splunk apps, inputs, etc. as necessary)

• Honesty, trustworthiness, and ethical conduct are essential for this role.

• Broad understanding of information technology, cyber security concepts, and cyber security tools

• Understanding of processes and procedures for the aggregation, transport, and on-boarding of data into SIEM solutions (Splunk preferred)

• Experience with one or more programming languages, such as Python

• Working knowledge of networking technologies and protocols; including TCP/IP and standard Internet related protocols

• Competency in one or more data query languages, such as SPL

• Strong ability to design and implement customized Splunk dashboards, reports, and alerts.

• Comfort working from the command line interface and leveraging shell scripts to automate repetitive tasks

• Proven expertise in Microsoft Azure services, including Azure Security Center, Azure Active Directory, and Defender for Cloud.

• Deep understanding of cloud security best practices, threat management, and compliance frameworks (e.g., NIST, CIS, ISO 27001).

• Experience leading or managing a technical team, preferably a team in a cyber defense related discipline preferred, but this role will primarily be an individual contributor position

• Basic understanding and awareness of privacy laws and regulations

• A degree in Computer Science, Computer Engineering, Cyber Security, Information Technology or related subject matter is preferred

• Experience with IaaS cloud providers, such as Amazon Web Services (AWS) and Azure, certifications preferred. (Azure strongly preferred)

• Experience with CI/CD pipelines and tools, GitLab preferred.

• Experience with project management, preferable Agile management approaches and tools