Principal Cyber Defense Engineer
Work from Home-DC
Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Interactive Entertainment LLC, Sony Music Entertainment, Sony Music Publishing and Sony Pictures Entertainment Inc. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more: www.sony.com/en.
POSITION SUMMARY
We are seeking a highly skilled and experienced Principal Cyber Defense Engineer to join our newly formed Cyber Defense Team at Sony. This role is pivotal in ensuring the security and integrity of our systems by managing cyber defense operations, facilitating data onboarding, and supporting network administration tasks. The ideal candidate will have a strong background in security engineering, with a focus on automation and process improvement. Additionally, this role involves acting as an internal consultant to our operating companies, providing guidance and support to meet their security needs, and assisting with vulnerability assessments and remediation efforts where needed.
JOB RESPONSIBILITIES
Data Onboarding:
Support the data onboarding process into Splunk, ensuring accurate and efficient data collection.
Utilize methods such as Syslog (TLS), HTTP Event Collector (HEC), AWS S3, and Microsoft Azure EventHub for data integration.
Maintain and optimize Splunk Universal Forwarder (UF) and Heavy Forwarder (HF) configurations.
Ensure data normalization using Splunk's Common Information Model (CIM) for consistent and efficient searching, correlation, and reporting.
Cyber Defense Operations:
Focus on automation to streamline and enhance security processes.
Work with Sony Companies to assist with managing and optimizing Microsoft Defender MDE.
Integrate data into the SIEM by onboarding data via methods such as syslog and HTTP event forwarders.
Act as the primary point of contact for operating companies, assisting with connections to the internal GSIRT group.
Data onboarding
Develop and implement security measures and protocols.
Collaborate with the Incident Response (IR) team to ensure comprehensive security coverage.
Perform basic network administration tasks, such as logging into firewalls and checking versions.
Support general project tasks related to network security.
Proactively reach out to operating companies to understand their security needs and areas for improvement.
Provide expert guidance and develop tailored security plans to address specific requirements.
Conduct internal research and leverage knowledge to offer actionable recommendations.
Vulnerability Management:
Work with …
Job Profile
Work from Home
Benefits/Perks: Competitive pay, Competitive pay and benefits, Comprehensive medical, Disability plans, Education assistance, Employee assistance plan, Fertility Benefits, Health savings account, Hybrid work, Life Insurance, Paid parental and caregiver leave, Remote-first company, Voluntary benefits, Work From Home
Tasks
- Conduct vulnerability assessments
- Incident response
- Process development
Analytical, Automation, AWS, Collaboration, Communication, Cyber defense, Data onboarding, Incident Response, Insurance, Interpersonal, IT, Microsoft Defender, Network administration, Problem-solving, Process Development, Process Improvement, Programming, Project Management, Python, Research, Security Engineering, Security Tools, SIEM, Splunk, Vulnerability Management
Education
Timezones: America/Anchorage, America/Chicago, America/Denver, America/Los_Angeles, America/New_York, Pacific/Honolulu, UTC-10, UTC-5, UTC-6, UTC-7, UTC-8, UTC-9