Security Incident Response Engineer

Why PlayStation?

PlayStation isn’t just the Best Place to Play — it’s also the Best Place to Work. Today, we’re recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation®5, PlayStation®4, PlayStation®VR, PlayStation®Plus, acclaimed PlayStation software titles from PlayStation Studios, and more.

PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.

The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Group Corporation.

The Security Incident Response Team (SIRT) Engineers support the business operations of SIE through rapid mitigation of all cyber security incidents. They support and coordinate incident response within the organization, serve as a trusted point of contact and clearinghouse for security incident-related information. They cooperate with other security teams within the broader Sony and the gaming industry. This team is a highly technical team, with extensive hands-on role in a multifaceted and fast-paced environment! The candidate will need to have a good mixture of deep technical know-how as well as a thorough understanding of various information security topics. SIRT Engineers are also responsible for the ongoing improvement of intrusion detection rules, incident response plan (IRP), processes and procedures and other department related documentation.

Essential Duties and Responsibilities:

• Responding to critical incidents, threats, actively exploited vulnerabilities and bring these issues to resolution
• Actively drive incident response, document and communicate findings, coordinate efforts and provide periodic updates to leadership
• Improve and challenge existing processes and procedures in an agile and fast paced information security environment
• Able to perform digital forensics investigations and malware analysis
• Perform threat hunting activities across the environment, contribute to detection engineering efforts and participate in purple teaming
• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; forensics and incident response
• Use and expand the capabilities of existing analytical tools and technologies; recommend new technologies as appropriate
• Manage and improve the forensic acquisition and analysis environment
• Act as mentor for SOC Analysts
• Position includes on call responsibilities

Required Experience, Skills and Knowledge:

• 3+ years of experience in a hands-on technical role working within the Information Security Field, with emphasis on Intrusion Detection, Incident Response, Digital Forensics and Malware Analysis
• Ability to prioritize and execute in a methodical manner, as well as to set and handle expectations with senior leadership and team members, high attention to detail
• Good understanding of and hands-on experience with operating systems (Windows, Linux, MacOS) and web applications
• Proficiency in networking concepts and experienced in network device configuration, firewalling and protocol analyzers
• Experience in cloud-based environments such as AWS, Azure, GCP
• Experience with Python and one or more languages such as PowerShell in an incident handling environment
• Experience in digital forensics and tools such as Axiom, FTK, Volatility, Surge, Rekall, Cellebrite, GRR, X-Ways
• Advanced knowledge and experience with Splunk or ElasticSearch
• Experience and proficiency with any of the following: Intrusion analysis, Host-Based Forensics, Network Forensics, Malware Analysis concepts and methods

Desired:

• Experience in security engineering such as security device installations, configurations, troubleshooting
• Knowledge of and experience in Endpoint Security, Cloud Security, Network Security, Application Security monitoring
• Familiarity with network and application penetration testing
• Familiarity with reverse engineering malware and tools associated with the task

Education, Certifications:

• Bachelor of Science or equivalent experience in Computer Science, Computer Engineering, Information Technology, Cyber Security, Intelligence studies
• Certifications such as GIAC GCIA, GCIH, GCFA, GCFE, GREM and other are a plus, but skill level carries more weight

#LI-GM1

Equal Opportunity Statement:

Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.

We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond. 

PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.