Cyber Security Testing Analyst

About Sony Music Entertainment

At Sony Music Entertainment, we fuel the creative journey. We’ve played a pioneering role in music history, from the first-ever music label to the invention of the flat disc record. We’ve nurtured some of music’s most iconic artists and produced some of the most influential recordings of all time.

Today, we work in more than 70 countries, supporting a diverse roster of international superstars, developing and independent artists, and visionary creators. From our position at the intersection of music, entertainment, and technology, we bring imagination and expertise to the newest products and platforms, embrace new business models, employ breakthrough tools, and provide powerful insights that help our artists push creative boundaries and reach new audiences. In everything we do, we’re committed to artistic integrity, transparency, and entrepreneurship.

Sony Music Entertainment is a member of the Sony family of global companies.

Sony Music is looking for a motivated and passionate early career individual to join our Global Information Security team as a cyber security testing analyst. Our Security team works across the organization to help ensure that Sony Music’s applications, platforms, and digital experiences are designed and maintained with security in mind.

In this role, you will contribute to hands‑on security testing and assurance activities, collaborate closely with engineering and technology teams, and continuously develop your technical and analytical skills. You will help identify weaknesses before they become incidents and support efforts to strengthen the security of systems that protect sensitive data such as credentials, personal information, and business‑critical content.

What you'll do:

• Conduct technical security testing of applications, systems, APIs, websites, and supporting infrastructure in partnership with other members of the Global Information Security team
• Participate in vulnerability assessments, penetration testing activities, and security validation efforts using a mix of manual techniques and automated tools
• Perform manual assessments that may include structured Q&A‑based evaluations, evidence review, and technical validation of controls implemented by engineering or platform teams
• Analyze findings, validate risk, and assist with clear documentation of security issues to support effective remediation by engineering and technology teams
• Collaborate with developers, platform owners, and product teams to answer security questions, clarify findings, and support secure design decisions
• Research emerging threats, vulnerabilities, tooling, and attack techniques (including those involving automation and AI‑enabled threats) and assess their potential relevance to Sony Music
• Contribute to the ongoing evolution of security testing playbooks, processes, and documentation to improve consistency and coverage over time
• Develop proficiency with modern security tools, scripting, and testing approaches as part of your on‑the‑job learning and professional growth

Who you are:

• You have 2+ years of hands‑on experience working in an enterprise environment within the cyber security field, ideally in security testing, vulnerability management, application security, or a closely related discipline
• You’ve participated in real‑world security assurance activities, including hands‑on testing and structured security assessments based on technical questionnaires, evidence review, and control validation
• You are comfortable evaluating technical security controls even when the work involves discussion, documentation, or Q&A — not just running tools or exploits
• You understand how security operates at scale, including exposure to enterprise environments, shared services, multiple stakeholders, and operational constraints
• You bring curiosity to how systems behave under both normal and abnormal conditions, and you naturally dig deeper than surface‑level scan results
• You know when and how to responsibly leverage AI and LLMs in your work — such as accelerating research, analyzing findings, drafting documentation, or exploring potential attack paths — while understanding their limitations, risks, and the importance of human judgment
• You communicate clearly and professionally, especially when explaining technical security issues and risk to audiences with varying levels of technical depth
• You are methodical, detail‑oriented, and accountable for your work, with a strong sense of ownership over outcomes — not just tasks
• You are motivated to deepen your technical skills over time and interested in growing into more specialized security testing, assurance, or security engineering roles as your experience matures

What we give you:

• You join an inclusive, collaborative and global community where you have the opportunity to channel your passion every day  
• A modern office environment designed to foster productivity, creativity, and teamwork empowering you to bring your best 
• An attractive and comprehensive benefits package including medical, dental, vision, life & disability coverage, and 401K + employer matching 
• Voluntary benefits like company-paid identity theft protection and resources for pets, mental health and meditation resources, industry-leading fertility coverage, fully paid leave for childbirth or bonding, fully paid leave for caregivers, programs for loved ones with developmental disabilities and neurodiversity, subsidized back-up child and elder care, and reimbursement for adoption, surrogacy, tuition, and student loans 
• Investment in your professional growth and development enabling you to thrive in our vibrant community.  
• The space to accelerate progress, positively disrupt, and create what happens next  
• Time off for a winter recess

Sony Music is committed to providing equal employment opportunity for all persons regardless of age, disability, national origin, race, color, religion, sex, sexual orientation, gender, gender identity or expression, pregnancy, veteran or military status, marital and civil partnership/union status, alienage or citizenship status, creed, genetic information or any other status protected by applicable federal, state, or local law.