Assess new security technologies to determine potential value for the enterprise.
Identify, analyze, evaluate, and document information security risks and controls based on established risk criteria.
Conduct security risk assessments of existing and new systems to identify vulnerabilities and risks.
Recommend controls to mitigate security risks identified via the risk assessment process.
Communicate risk findings and recommendations that are clear and actionable by business stakeholders.
Conduct vulnerability assessments of Sony's systems and networks.
Knowledge of networking concepts (routing, switching, proxy, firewall).
Extensive expertise in cybersecurity, with a deep understanding of vulnerabilities and exploit techniques.
Contribute to and achieve business and team goals and objectives, ensuring that security assurance processes are aligned with organizational objectives.
Strong understanding of exploit mitigations and countermeasures.
Assist with the evaluation of the effectiveness of the new systems by developing, monitoring, gathering, and analyzing information security and compliance metrics for management.
Articulate results of the final assessments to business stakeholders, project sponsors, program managers, and other internal parties.
Excellent problem-solving skills, creativity, and the ability to adapt to new attack surfaces.
Effective communication skills for documenting and presenting findings, as well as explaining exploit details.
Commitment to ethical hacking principles and responsible disclosure practices.
Power BI experience for reporting and data visualization is essential.
Knowledge of information security standards and information privacy laws.
2+ years of experience conducting security control assessments or audits.
Knowledge of core security controls and systems such as risk analysis quantification and points of escalation.
Knowledge of IT security regulations and standards, such as ISO and Sarbanes-Oxley.
Demonstrated ability to implement new policies and programs.
Strong written and verbal communication skills.
Strong analytical and critical thinking skills.
Understanding of Agile processes and principles.
Good communication and presentation skills.
Preferred experience with Azure DevOps.
Professional certification, such as CISA, CISM, CRISC, CISSP, or ISAAP.
