Senior Security Incident Response Engineer

Why PlayStation?

PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, acclaimed PlayStation software titles from PlayStation Studios, and more.

PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.

The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.

The Security Incident Response Team (SIRT) Engineers support the business operations of SIE through rapid mitigation of all high severity cyber security incidents. They support and coordinate incident response within the organization, serve as a trusted point of contact and clearinghouse for security incident-related information. They cooperate with other security teams within broader Sony and the gaming industry. They work very closely and collaborate with the SOC, Threat Intelligence and Engineering teams. This team is a highly technical team, with extensive hands-on role in a dynamic and fast-paced environment. The candidate will need to have a good mixture of deep technical know-how as well as a background in various information security concepts. SIRT Engineers are also responsible for the ongoing development and improvement of intrusion detection rules, threat hunting activities, the incident response plan (IRP) and other department related documentation.

Essential Duties and Responsibilities:

  • Responding to critical incidents, threats, actively exploited vulnerabilities and bring these issues to resolution. Actively drive incident response, document and communicate findings, coordinate efforts and provide regular updates to leadership; act as the incident commander.
  • Conduct detailed investigations using multiple tools and methods to correlate and analyze relevant events from various sources.
  • Able to perform digital forensics investigations and malware analysis, perform live response data collection and analysis on hosts of interest in an investigation.
  • Perform proactive threat hunting activities to search across the environment for indicators of compromise using available technology.
  • Continually create new knowledge base articles and pattern discovery to be used for discovery, alerting and detection; contribute to content development for detection purposes (content engineering).
  • Position includes on call responsibilities.
  • Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; forensics and incident response.
  • Manage and improve the forensic analysis environment including forensic evidence acquisition and analysis tools. Use and expand the capabilities of existing analytical tools and technologies; recommend new technologies as appropriate; Improve and challenge existing processes and procedures.

Required Experience, Skills and Knowledge:

  • Bachelor of Science or equivalent experience in Computer Science, Computer Engineering, Information Technology, Cyber Security, Intelligence studies.
  • 5+ years of experience in a hands-on technical role working within the Information Security Field, with emphasis on Intrusion Detection, Incident Response, Digital Forensics and Malware Analysis.
  • Ability to prioritize and implement in a methodical manner, as well as to set and handle expectations with senior leadership and team members. Ability to analyze complex problems, quickly develop creative solutions, and adapt to a fast-paced environment. A good ability to multi-task and manage varying priorities.
  • Excellent verbal and written communication and presentation skills, high attention to detail.
  • Solid understanding of and hands-on experience with operating systems (Windows, Linux, OS X) and web applications. Proficiency in networking concepts. and experienced in network device configuration, routing, switching and firewalling.
  • Solid experience with and knowledge of application security, network security and endpoint security tools.
  • Proficient with one or more scripting languages such as Perl, Python, PowerShell etc. in an incident handling environment.
  • Hands-on experience in cloud-based environments such as AWS, Azure, GCP.
  • Hands-on experience in digital forensics and tools associated with the task such as Axiom, FTK, GRR, X-Ways, Volatility, Surge, Rekall, BlackLight, MacQuisition
  • Advanced knowledge and experience with Splunk and/or Kibana.
  • Experience and proficiency with any of the following: Intrusion analysis, Host-Based Forensics, Network Forensics, Malware Analysis concepts and methods.

Desired:

  • Experience in red/purple teaming or penetration testing.
  • Experience in reverse engineering malware and tools associated with the task such as IDA Pro, OllyDbg, Radare2
  • One of more certifications such as GIAC GCIA, GCIH, GCFE, GCFA, GREM is a plus, but skill level carries more weight

#LI-GM1

 Please refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights.

 

At SIE, we consider several factors when setting each role’s base pay range, including the competitive benchmarking data for the market and geographic location. 

Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location. 

In addition, this role is eligible for SIE’s top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click here to learn more.

This is a flexible role that can be remote, with varying pay ranges based on geographic location. For example, if you are based out of Seattle, the estimated base pay range for this role is listed below.

$140,000 - $210,000 USD

Equal Opportunity Statement:

Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.

We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. 

PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf


Select...
Select...
Select...
Select...
Select...
Select...
Select...

US Voluntary Demographic Question

 

Voluntary Self-Identification

Our vision at PlayStation is to bring out the best in our global team members by creating a sense of belonging, being a place where they can grow, and ensuring everyone feels valued, heard, and supported so we can push the boundaries of play. That vision begins our candidates, and we are working to better understand the diversity of our candidate population.  
 
This data will also be aggregated and sent to the government for reporting purposes. Please know that the completion of this form is entirely voluntary. Your personally identifiable information (name, address, etc) will not be considered in the hiring process or thereafter. Any information that you choose to provide will be recorded and maintained in a confidential file for XX time.

 

Protected Veteran

You are a “protected veteran” under United States law if any of the following apply to you:

  • Disabled Veteran: a veteran of the U.S. military who is entitled to compensation (or who would be entitled to compensation if not for the receipt of military retired pay) under the administration of the Secretary of Veterans Affairs and/or a person who was discharged or released from active duty because of a service-connected disability. 
  • Recently Separated Veteran: a veteran who has discharged or released from active duty in the U.S. military within the last three years.
  • Armed Forces Service Medal Veteran: a veteran who, while serving on active duty in the U.S. military, participated in a U.S. military operation for which an Armed Forces Service Medal was awarded pursuant to Executive Order 12985.

 

Disability

Under U.S. law, you are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

Identifying yourself as an individual with a disability is voluntary, and we hope that you will choose to do so. Your answer will be maintained confidentially and will not be seen by selecting officials or anyone else involved in making personnel decisions, nor will it be shared with our accommodations team . Completing the form will not negatively impact you in any way, regardless of whether you have self-identified in the past.

Select...
Select...
Select...
Select...
Select...
Select...
Select...
Select...