Description:
The SPE Information Security department is responsible for all aspects concerning the Confidentiality, Integrity and Availability of information and data assets belonging to Sony Pictures Entertainment’s various Lines of Business and Affiliates globally.
Primary responsibilities for the team in EMEA are delivery of the Global Information Security program, providing Risk visibility and helping business partners make informed risk decisions, as well as Incident Response, Information Governance, Policy and Compliance, Training and Awareness and Cyber Threat Intelligence.
There is also a high volume of involvement with the security of Content and Operations at the various TV Production companies which form part of SPE’s business, and Motion Picture productions which frequently operate both within the UK and elsewhere within the region.
This is a superb opportunity for a motivated and passionate candidate to gain incredible experience to kickstart their career in Info Sec and in a well respected global Production company.
What You'll Do
- Learn to relate business needs to security controls; understanding the business impact of security tools, technologies, and policies and how best to mitigate them.
- Gain a practical understanding of the Information Criticality Assessment and Risk Assessment processes.
- Practical experience implementing and auditing an information security management system.
- Incident Response procedures and how to react optimally to breaches or other security issues.
- Information Security controls and practices applied within TV and Motion Pictures Productions.
- Participate in the planning and delivery of InfoSec/Cyber Security Training and Awareness programme.
- Develop interpersonal communication skills with the ability to communicate effectively with IT, project and development teams, management and business stakeholders.
- Analysing and making recommendations for existing procedures to increase efficiency and effectiveness.
- Develop strong organisational, project management and multi-tasking skills.
- Ability to simplify complex problems and prioritise tasks based on business impact.
- Gain experience in a multicultural, multinational environment consisting of multi-functional, high-performance teams.
- You will be provided with coaching and mentoring from experienced experts throughout the organisation.
What You Have
- Understanding of Information risk concepts and principles as well as Information Security Frameworks such as NIST and ISO 27001
- Ideally a knowledge of Network architecture (routers, switches, and load balancers).
- Some knowledge of Security technologies (firewalls, IDS/IPS/UTM, advanced endpoint security, AV, FIM).
- Awareness of Operating systems (Windows, OS X, Linux, and UNIX).
- Knowledge of Application Security, Vulnerability Scanners and Penetration Testing.
- Knowledge of Cloud computing platforms (PaaS, IaaS, SaaS)
- Ability to use initiative and asking questions in order to analyse and simplify complex problems
- Curious to learn and happy to take on new challenges
- Good analytical, research, and problem-solving skills with keen attention to detail
- Ability to communicate clearly and concisely with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
- Ability to work on multiple projects, with a solid ability to adapt to multifaceted work environments and prioritise tasks accordingly
- Ability to make decisions, use discretion, and display good judgement
- Highly determined and able to work both independently and as part of a multi-disciplined team