Sony Corporation of America
Principal Cyber Defense Engineer
Sony Corporation of America, California, Missouri, United States, 65018
Sony Corporation of America , located in New York, NY, is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Interactive Entertainment LLC, Sony Music Entertainment, Sony Music Publishing, and Sony Pictures Entertainment Inc. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows, and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more:
www.sony.com/en . POSITION SUMMARY We are seeking a highly skilled and experienced Principal Cyber Defense Engineer to join our newly formed Cyber Defense Team at Sony. This role is pivotal in ensuring the security and integrity of our systems by managing cyber defense operations, facilitating data onboarding, and supporting network administration tasks. The ideal candidate will have a strong background in security engineering, with a focus on automation and process improvement. Additionally, this role involves acting as an internal consultant to our operating companies, providing guidance and support to meet their security needs, and assisting with vulnerability assessments and remediation efforts where needed. JOB RESPONSIBILITIES Data Onboarding: Support the data onboarding process into Splunk, ensuring accurate and efficient data collection. Utilize methods such as Syslog (TLS), HTTP Event Collector (HEC), AWS S3, and Microsoft Azure EventHub for data integration. Maintain and optimize Splunk Universal Forwarder (UF) and Heavy Forwarder (HF) configurations. Ensure data normalization using Splunk's Common Information Model (CIM) for consistent and efficient searching, correlation, and reporting. Cyber Defense Operations: Focus on automation to streamline and enhance security processes. Work with Sony Companies to assist with managing and optimize Microsoft Defender MDE. Integrate data into the SIEM by onboarding data via methods such as syslog and HTTP event forwarders. Act as the primary point of contact for operating companies, assisting with connections to the internal GSIRT group. Develop and implement security measures and protocols. Collaborate with the Incident Response (IR) team to ensure comprehensive security coverage. Perform basic network administration tasks, such as logging into firewalls and checking versions. Support general project tasks related to network security. Proactively reach out to operating companies to understand their security needs and areas for improvement. Provide expert guidance and develop tailored security plans to address specific requirements. Conduct internal research and leverage knowledge to offer actionable recommendations. Vulnerability Management: Work with operating companies to prioritize attack surface management findings. Provide remediation guidance and support to address identified vulnerabilities. Ensure timely and effective resolution of security vulnerabilities. Process Development: Establish and document new processes and procedures. Continuously improve existing processes to enhance efficiency and effectiveness. Honesty, trustworthiness, and ethical conduct are material requirements for the responsibilities outlined above. QUALIFICATIONS FOR POSITION Required Skills Splunk Data Onboarding Experience with Splunk Universal Forwarder (UF) and Heavy Forwarder (HF) Proficiency with HTTP Event Collector (HEC) Familiarity with data onboarding methods: Syslog (TLS), AWS S3, Microsoft Azure EventHub Splunk Administration and Usage Building dashboards, reports, and advanced queries Understanding of Splunk's Common Information Model (CIM) Project Management and Collaboration Handling tight deadlines and multiple projects Collaborating with infrastructure engineering and security teams Preferred Skills Big Data and Data Platforms Familiarity with other big data tools like ELK (Elasticsearch, Logstash, Kibana) Knowledge of Splunk Database (DB) Connect Understanding of Summary Index and how to exclude events from being indexed Familiarity with important Splunk configuration files Security Knowledge Vulnerability management and attack surface reduction Experience with Microsoft Defender Implementing and maintaining SIEM logging standards Creating security reports and escalating issues General IT Skills Adaptability to significant changes in projects or work environments Ability to conduct independent research and self-learning Experience Extensive experience in cyber defense and security engineering, preferably as a principal or lead role within a cyber defense team Proven track record of managing and optimizing security operations with a strong emphasis on automation. Demonstrated ability to leverage automation tools and techniques to streamline security operations and improve efficiency. Experience in scripting and automating tasks using Python or other relevant programming languages. Proven ability to integrate and automate security tools and platforms, such as Microsoft Defender MDE and Splunk. Experience in creating automated workflows for vulnerability management and remediation. CISSP, CISM, or other relevant security certifications is a plus Excellent communication and interpersonal skills. Strong problem-solving and analytical abilities. Ability to work independently and as part of a team. Comfortable with reaching out to and consulting with internal stakeholders. All candidates must be authorized to work in the USA. Benefits: Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA) Employee assistance plan and comprehensive behavioral health benefits Fertility benefits, including surrogacy, and adoption assistance programs Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance Short-term & long-term disability plans Paid parental and caregiver leave 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting Education assistance and student loan programs Other Programs: Flexible Work Arrangements, including remote and hybrid work schedules Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year's Day (based on business needs) Referral bonuses (subject to eligibility) Matching gift program A wide variety of employee business resource groups (EBRGs) Special discounts on Sony products, offered exclusively to Sony employees Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions) Annual incentive bonus Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation. SCA will consider qualified applicants with arrest or conviction records in accordance with applicable law. Disability Accommodation for Applicants to Sony Corporation of America Sony Corporation of America provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. For reasonable accommodation requests, please contact us by email at careers@sonyusa.com or by mail to: Sony Corporation of America, Human Resources Department, 25 Madison Avenue, New York, NY 10010. Please indicate the position you are applying for. The anticipated annual base salary for this position is $175,000 to $190,000. This range does not include any other compensation components or other benefits that an individual may be eligible for. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.
#J-18808-Ljbffr
www.sony.com/en . POSITION SUMMARY We are seeking a highly skilled and experienced Principal Cyber Defense Engineer to join our newly formed Cyber Defense Team at Sony. This role is pivotal in ensuring the security and integrity of our systems by managing cyber defense operations, facilitating data onboarding, and supporting network administration tasks. The ideal candidate will have a strong background in security engineering, with a focus on automation and process improvement. Additionally, this role involves acting as an internal consultant to our operating companies, providing guidance and support to meet their security needs, and assisting with vulnerability assessments and remediation efforts where needed. JOB RESPONSIBILITIES Data Onboarding: Support the data onboarding process into Splunk, ensuring accurate and efficient data collection. Utilize methods such as Syslog (TLS), HTTP Event Collector (HEC), AWS S3, and Microsoft Azure EventHub for data integration. Maintain and optimize Splunk Universal Forwarder (UF) and Heavy Forwarder (HF) configurations. Ensure data normalization using Splunk's Common Information Model (CIM) for consistent and efficient searching, correlation, and reporting. Cyber Defense Operations: Focus on automation to streamline and enhance security processes. Work with Sony Companies to assist with managing and optimize Microsoft Defender MDE. Integrate data into the SIEM by onboarding data via methods such as syslog and HTTP event forwarders. Act as the primary point of contact for operating companies, assisting with connections to the internal GSIRT group. Develop and implement security measures and protocols. Collaborate with the Incident Response (IR) team to ensure comprehensive security coverage. Perform basic network administration tasks, such as logging into firewalls and checking versions. Support general project tasks related to network security. Proactively reach out to operating companies to understand their security needs and areas for improvement. Provide expert guidance and develop tailored security plans to address specific requirements. Conduct internal research and leverage knowledge to offer actionable recommendations. Vulnerability Management: Work with operating companies to prioritize attack surface management findings. Provide remediation guidance and support to address identified vulnerabilities. Ensure timely and effective resolution of security vulnerabilities. Process Development: Establish and document new processes and procedures. Continuously improve existing processes to enhance efficiency and effectiveness. Honesty, trustworthiness, and ethical conduct are material requirements for the responsibilities outlined above. QUALIFICATIONS FOR POSITION Required Skills Splunk Data Onboarding Experience with Splunk Universal Forwarder (UF) and Heavy Forwarder (HF) Proficiency with HTTP Event Collector (HEC) Familiarity with data onboarding methods: Syslog (TLS), AWS S3, Microsoft Azure EventHub Splunk Administration and Usage Building dashboards, reports, and advanced queries Understanding of Splunk's Common Information Model (CIM) Project Management and Collaboration Handling tight deadlines and multiple projects Collaborating with infrastructure engineering and security teams Preferred Skills Big Data and Data Platforms Familiarity with other big data tools like ELK (Elasticsearch, Logstash, Kibana) Knowledge of Splunk Database (DB) Connect Understanding of Summary Index and how to exclude events from being indexed Familiarity with important Splunk configuration files Security Knowledge Vulnerability management and attack surface reduction Experience with Microsoft Defender Implementing and maintaining SIEM logging standards Creating security reports and escalating issues General IT Skills Adaptability to significant changes in projects or work environments Ability to conduct independent research and self-learning Experience Extensive experience in cyber defense and security engineering, preferably as a principal or lead role within a cyber defense team Proven track record of managing and optimizing security operations with a strong emphasis on automation. Demonstrated ability to leverage automation tools and techniques to streamline security operations and improve efficiency. Experience in scripting and automating tasks using Python or other relevant programming languages. Proven ability to integrate and automate security tools and platforms, such as Microsoft Defender MDE and Splunk. Experience in creating automated workflows for vulnerability management and remediation. CISSP, CISM, or other relevant security certifications is a plus Excellent communication and interpersonal skills. Strong problem-solving and analytical abilities. Ability to work independently and as part of a team. Comfortable with reaching out to and consulting with internal stakeholders. All candidates must be authorized to work in the USA. Benefits: Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA) Employee assistance plan and comprehensive behavioral health benefits Fertility benefits, including surrogacy, and adoption assistance programs Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance Short-term & long-term disability plans Paid parental and caregiver leave 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting Education assistance and student loan programs Other Programs: Flexible Work Arrangements, including remote and hybrid work schedules Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year's Day (based on business needs) Referral bonuses (subject to eligibility) Matching gift program A wide variety of employee business resource groups (EBRGs) Special discounts on Sony products, offered exclusively to Sony employees Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions) Annual incentive bonus Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation. SCA will consider qualified applicants with arrest or conviction records in accordance with applicable law. Disability Accommodation for Applicants to Sony Corporation of America Sony Corporation of America provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. For reasonable accommodation requests, please contact us by email at careers@sonyusa.com or by mail to: Sony Corporation of America, Human Resources Department, 25 Madison Avenue, New York, NY 10010. Please indicate the position you are applying for. The anticipated annual base salary for this position is $175,000 to $190,000. This range does not include any other compensation components or other benefits that an individual may be eligible for. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.
#J-18808-Ljbffr