Principal Analyst, Vulnerability Management

Sony Group-posted 8 months ago
$185,000 - $205,000/Yr
Full-time • Senior
Reston, VA
Merchant Wholesalers, Durable Goods
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Sony Corporation of America (SCA), is seeking a Principal Analyst, Vulnerability Management to join the Corporate Information Security Division in Reston, VA. This position will report to the Senior Manager, Vulnerability Management, and be a part of the team responsible for establishing a unified approach to vulnerability reporting to secure Sony's information assets, services, and the products that depend on them, building trust with customers and stakeholders, and protecting the privacy of Sony's customers and employees.

  • Leads the resolution of security challenges, drawing upon the expertise of relevant security subject matter experts for strategic technical guidance and engaging with internal stakeholders, as needed.
  • Advise/Aids in defining and establishing the best practices for vulnerability assessment processes and solutions within the security teams.
  • Propose and/or build solutions/capabilities within the scope of Vulnerability Management to further improve the Vulnerability Management Program (e.g., automation, data analysis, process development).
  • Lead key projects such as vulnerability prioritization to remediate critical key vulnerabilities (and help with reporting via GISO Monthly Sync).
  • Automate existing manual processes to create improved processes and faster delivery across ITD teams.
  • Partner with application and infrastructure owners to provide consulting on vulnerability remediation to allow them to appropriately remediate large highly complex vulnerabilities within the SLA (service level agreement) and reduce risk.
  • Perform vulnerability assessments and common baseline control scans across the environment and report on Key Risks Indicators (KRIs).
  • Create presentations based off KRI materials and keep Management informed of them.
  • Contributes highly innovative ideas and may lead large cross-functional teams, exercising independent judgment to solve unique and complex problems impacting the business.
  • Implement new, and iterate on existing technology, to help identify and mitigate security issues.
  • Maintain awareness of the latest emerging threats and exploitation vectors and provide awareness to internal teams, leadership, and Sony Group company stakeholders on changes to the cyber threat landscape.
  • Support projects to improve data collection, interpretation processes and initiatives regarding threat intelligence and information security.
  • Prepare detailed analysis reports, products, cyber threat assessments, and briefings of security incidents and related intelligence for GSIRT and its stakeholders.
  • Minimum of seven (7) years of experience in information security.
  • Bachelor's degree in an appropriate field, such as information technology or management, or equivalent experience.
  • Expert-level knowledge of information security vulnerability concepts.
  • Experience using threat intelligence tools and management platforms to identify, analyze and track cyber threats.
  • Extensive knowledge of how vulnerabilities work and associated remediation techniques.
  • Deep understanding of network defense principles, common attack vectors, and attacker techniques.
  • Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise language.
  • Experience with scripting and automating processes.
  • Knowledge of the MITRE ATT&CK Framework, Cyber Kill Chain, Diamond Model of Intrusion Analysis, or other relevant network defense and intelligence frameworks preferred.
  • Ability to exercise prudent judgment and discretion.
  • Ability to negotiate compromise between diverse parties with competing equities.
  • Ability to work independently in unstructured situations.
  • Ability to manage multiple projects simultaneously that involve key stakeholders across a globally-distributed and federated enterprise.
  • Ability to travel internationally as required, up to 15%.
  • Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA).
  • Employee assistance plan and comprehensive behavioral health benefits.
  • Fertility benefits, including surrogacy, and adoption assistance programs.
  • Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children.
  • Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance.
  • Short-term & long-term disability plans.
  • Paid parental and caregiver leave.
  • 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting.
  • Education assistance and student loan programs.
  • Flexible Work Arrangements, including remote and hybrid work schedules.
  • Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year's Day (based on business needs).
  • Referral bonuses (subject to eligibility).
  • Matching gift program.
  • A wide variety of employee business resource groups (EBRGs).
  • Special discounts on Sony products, offered exclusively to Sony employees.
  • Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions).
  • Annual incentive bonus.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service