Information Security Analyst
Job Description
Why PlayStation?
PlayStation isn't just the Best Place to Play - it's also the Best Place to Work. Today, we're recognized as a global leader in entertainment producing The PlayStation family of products and services including PlayStation5, PlayStation4, PlayStationVR, PlayStationPlus, acclaimed PlayStation software titles from PlayStation Studios, and more.
PlayStation also strives to create an inclusive environment that empowers employees and embraces diversity. We welcome and encourage everyone who has a passion and curiosity for innovation, technology, and play to explore our open positions and join our growing global team.
The PlayStation brand falls under Sony Interactive Entertainment, a wholly-owned subsidiary of Sony Corporation.
Role Summary
Information Security Governance, Risk and Compliance is looking for a Security Awareness Analyst to become a member of the team at PlayStation. Located within regular commuting distance of our Rancho Bernardo San Diego, CA office, the successful candidate will develop, build, and deliver an outstanding Security Awareness Program to employees worldwide. With so much creative talent at PlayStation, the possibilities are many and really only limited by the imagination and influence of the individual!
Responsibilities
1. Program Development[20%]
Contribute and support an engaging Security Awareness Program that influences attitudes and changes behaviors to build a safer work environment.
Ensure the Program meets Sony Group compliance requirements and relevant industry regulations and standards.
Socialize the Program to other teams and promote its adoption, taking into consideration different cultures, nationalities and languages.
Solicit feedback from colleagues and partners to identify gaps and opportunities to evolve the Program.
Continuously evaluate and manage Program vendors and services.
Analyze metrics, derive insights, and prepare consolidated reporting illustrating the impact of the Program effectiveness.
2. Operations[40%]
Acquire and curate content for the Program.
Regularly deliver cyber security training globally.
Regularly deliver simulated phishing emails globally.
Oversee the delivery of training and phishing in business units outside the Program.
Troubleshoot user issues and liaise with internal stakeholders and external vendors to resolve them.
Administrate SaaS services used to deliver training and simulated phishing emails.
Regularly prepare and send reports to management.
Create engaging content to ensure that the Program message is heard and applied in diverse and original forms (e.g. articles, posters, board games, videos, flyers, learning modules).
Publish content to Intranets.
Coordinate the delivery of security advisories and urgent communications to a global employee audience through the Corporate Communications department.
Organize and host events through a variety of mediums (e.g. online webinars, lunch-and-learns, workshops, and seminars).
Conduct security awareness assessments and surveys to gauge employee knowledge and behavior.
Monitor the Program mailbox and respond to queries from employees.
Provide support and guidance to employees on security-related issues and best practices.
Stay current on the latest cybersecurity threats and trends to update training content accordingly.
Assist in the development and enforcement of security policies and procedures.
Other duties as prescribed by the Program.
3. Project Management[40%]
Plan and deliver engaging activities for Cyber Security Month in October.
Introduce new Program improvements:
Assess the feasibility of new improvement opportunities.
Develop a plan that explains objectives, benefits, design, implementation tasks, timings, operational roles and responsibilities, communications, training and support.
Influence stakeholders to get their support.
Collaborate with subject matter experts and provide technical requirements.
Motivate contributors to complete tasks against agreed milestones.
Prepare regular status reports on progress and call out challenges or delays.
Develop performance indicators and measure the impact.
Prioritize and balance multiple projects simultaneously.
Experience and Skills
Minimum 2 years of cyber security experience.
A bachelor's degree in cyber security, marketing, education, or a related field.
Experience speaking publicly to large audiences at workshops/events/seminars either as trainer or an authority on the presentation material.
Confident "people person" that can casually establish and maintain productive working relationships.
Strong communication and presentation skills, knowledge of cyber security principles, and the ability to create engaging training content.
Attentive, organized and good attention to detail.
Quick learner with the ability to multi-task.
Proactive and self-motivated, yet capable of forming a team as needed.
Ability to take complex topics and form simple and concise messaging.
Professional writer, able to research and prepare timely, high quality, clearly written materials free of grammatical errors and spelling mistakes.
Good knowledge of Office 365.
CISSP, CISM or ISO/IEC 27001 Lead Implementer an advantage.
Please refer to ourCandidate Privacy Noticefor more information about how we process your personal information, and your data protection rights.
At SIE, we consider several factors when setting each role's base pay range, including the competitive benchmarking data for the market and geographic location.
Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location.
In addition, this role is eligible for SIE's top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Clickhere to learn more.
Equal Opportunity Statement:
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.
SCEA provides equal employment opportunity for all applicants and employees. SCEA does not unlawfully discriminate on the basis of race, color, religion, gender, gender identity, marital status, age, disability, veteran status, sexual orientation, national origin, or any other category protected by applicable federal and state law. SCEA also makes reasonable accommodations for disabled applicants and employees.
*Please mention you saw this ad on DiversePositions.*