Senior Engineer Detection

Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Interactive Entertainment LLC, Sony Music Entertainment, Sony Music Publishing and Sony Pictures Entertainment Inc. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more: www.sony.com/en.

Position Summary

Sony Corporation of America is seeking a Senior Engineer Detection & Response to fill a cybersecurity hybrid role primarily focusing on security monitoring, automation, detection engineering, and incident response. This position will operate as part of a geographically dispersed Cyber Defense Team within the Global Security Incident Response Team (GSIRT), with the ability to work independently while maintaining strong communication and collaboration across the team. This role involves working as an internal expert to Sony's operating companies, providing guidance and support to meet their security needs, and assisting with projects where needed.

Key Responsibilities:

Security Monitoring & Automation:

• Perform security monitoring and incident response activities across the Sony Group's global networks, leveraging a variety of tools and techniques.
• Investigate security events and incidents including initial infection vector determination, damage assessment, and creation and identification of new indicators of compromise (IOC's) which are fed back into a larger detection security stack.
• Assist with the development and documentation of automation to streamline and improve operational efficiencies by identifying processes, creating their workflow, and converting them to playbook for automation.

Incident Response & Digital Forensics:

• Detect incidents through proactive "hunting" across security-relevant data sets.
• Collect and analyze information from various data sources to assist in analyzing potential threats.
• Assist with computer forensic examinations, including preservation, acquisition, and analysis of digital evidence where necessary.
• Document incident response and forensic analysis activities through standard operating procedures to ensure consistency in approach across analyst teams.

Detection Engineering:

• Research, contribute to, and maintain detection capabilities for the latest threats across SIEM correlations and security tool signatures.
• Contribute to and participate in efforts to improve effectiveness, advancing technical capabilities at pace with the latest threats and reducing exposure time.
• Support and integrate with incident response, threat intelligence, and overall security strategy as needed.
• Generate and maintain high quality documentation of research and analysis results, including processes and findings clearly and concisely to both technical and non-technical audiences.

Internal Consultancy & Other Projects:

• Act as the point of contact for operating companies, assisting with coordination and collaboration amongst other internal GSIRT groups.
• Provide expert guidance and develop tailored security plans to address specific requirements.
• Participate in IR tabletop exercises serving as an incident responder to help identify gaps, improve skills and responsiveness, and consistent communication with stakeholders.

Process Development:

• Establish and document new processes and procedures.
• Continuously improve existing processes to enhance efficiency and effectiveness.

Required Skills and Qualifications:

Experience:

• Proficiency in responding to security incidents on Windows, MacOS, and Linux operating systems.
• At least 5 years of experience performing hands-on log analysis in support of incident response OR applicable training/certification.
• Proficiency in responding to security incidents on various platforms, including but not limited to cloud IaaS and SaaS platforms (e.g. AWS, GCP, or M365). M365/Azure experience is preferred.
• At least 2 years of experience developing threat detection content in support of incident response.
• At least 2 years of experience with Splunk preferred.
• Experience creating detection content using Splunk Enterprise Security is strongly preferred.
• All candidates must be authorized to work in the US.

Technical Skills:

• Strong understanding and experience with SIEM, endpoint, and network technologies for security operations.
• Understanding of Windows and Linux operating systems, as well as command line tools.
• Understanding of Cloud architecture and security monitoring of cloud environments.
• Strong interest in Endpoint Detect Response (EDR) technologies (preference given to candidates with experience with CrowdStrike and Microsoft Defender).
• Knowledge of security orchestration and automation tools and techniques.
• Proficiency with CI/CD pipelines and tools is preferred.
• Experience in creating automated workflows for vulnerability management and remediation is preferred.

Soft Skills:

• Strong communication and interpersonal skills.
• Strong problem-solving and analytical abilities.
• Ability to work independently and as part of a team.
• Comfortable with reaching out to and consulting with internal stakeholders.

Benefits:

SCA offers benefits-eligible employees (generally regular employees scheduled to work 20 or more hours a week) a comprehensive benefits program that offers coverage and support for employees and their family's physical, emotional, and financial well-being.

• Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA).
• Employee assistance plan and comprehensive behavioral health benefits.
• Fertility benefits, including surrogacy, and adoption assistance programs.
• Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children.
• Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance.
• Short-term & long-term disability plans.
• Paid parental and caregiver leave.
• 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting.
• Education assistance and student loan programs.

Other Programs:

• Flexible Work Arrangements, including remote and hybrid work schedules.
• Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year's Day (based on business needs).
• Referral bonuses (subject to eligibility).
• Matching gift program.
• A wide variety of employee business resource groups (EBRGs).
• Special discounts on Sony products, offered exclusively to Sony employees.
• Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions).
• Annual incentive bonus.

The anticipated annual base salary for this position is $155,000 to $165,000. This range does not include any other compensation components or other benefits that an individual may be eligible for. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.

#LI-SC1

Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.

SCA will consider qualified applicants with arrest or conviction records in accordance with applicable law.

Disability Accommodation for Applicants to Sony Corporation of America

Sony Corporation of America provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. For reasonable accommodation requests, please contact us by email at careers@sonyusa.com or by mail to: Sony Corporation of America, Human Resources Department, 25 Madison Avenue, New York, NY 10010. Please indicate the position you are applying for.