Untitled

Director of Vulnerability Management Engineering

 

Job Code: 4956568 Location: Washington, DC

 

Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Mobile Communications (USA) Inc., Sony Computer Entertainment America LLC, Sony Network Entertainment Inc., Sony Pictures Entertainment Inc., Sony Music Entertainment, Sony/ATV Music Publishing LLC, and Sony Online Entertainment LLC. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network and the Sony Entertainment Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth.

 

Summary:

Sony Corporation of America (SCA) is seeking a Director of Vulnerability Management Engineering, to join the Global Information Security and Privacy organization in Northern Virginia area. This position will report to the Senior Director, Security Engineering, and be a part of the team responsible for establishing a unified enterprise security architecture to secure Sony’s information assets, services, and the products that depend on them, building trust with customers and stakeholders, and protecting the privacy of Sony’s customers and employees.

Responsibilities:

Unify and enhance Sony’s global information security architecture, to include a cohesive vulnerability management strategy encompassing all Sony Group companies

Serve as a technical security subject matter expert and advisor for global information security priority initiatives

Lead multiple teams of highly technical engineers and developers, providing thought leadership, career development, mentorship, and technical guidance

Oversee the development of vulnerability management systems, initiatives, integration, and technical assessment support

Lead teams and coordinate efforts or initiatives for penetration testing, system and application vulnerability management, overall technical risk assessments, and hunting operations

Develop and refine global information security technical standards, guidelines, and training

Support coordination of budgetary planning activities for Sony Group company expenditures related to information security tools and services, to include leadership of enterprise mid-range planning activities

Support the management, planning and execution of the global security engineering budget

Assemble and lead diverse sets of information security experts and stakeholders in the formulation of unified information security requirements and architecture standards for Sony’s most critical global projects and contracts

Serve as a subject matter expert performing intra-company advisory services related to security architecture strategy and technology implementation

 

 

Qualifications:

Minimum of ten (10) years of experience in information security

Minimum of five (5) years of experience in penetration testing/red teaming

Master’s degree in an appropriate field, such as Computer Science, or equivalent experience

Experience developing and refining threat-informed defense-in-depth security architectures

Expert-level knowledge of prevalent operational security tactics and techniques (vulnerability exploits and countermeasures, remote access trojans and related persistence techniques, social engineering, etc.)

Expert-level knowledge of advanced persistent threats

Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise language

Ability to collaborate and communicate effectively and tactfully with both business-oriented executives and technology-oriented personnel

Ability to negotiate compromise between diverse parties with competing equities

Ability to work independently in unstructured situations