Principal Cyber Defense Engineer

Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Group Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Interactive Entertainment LLC, Sony Music Entertainment, Sony Music Publishing and Sony Pictures Entertainment Inc. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more: www.sony.com/en.Position SummaryWe are seeking a highly skilled and experienced Principal Cyber Defense Engineer to join our newly formed Cyber Defense Team at Sony. This role is pivotal in ensuring the security and integrity of our systems by managing cyber defense operations, facilitating data onboarding, and supporting network administration tasks. The ideal candidate will have a strong background in security engineering, with a focus on automation and process improvement. Additionally, this role involves acting as an internal consultant to our operating companies, providing guidance and support to meet their security needs, and assisting with vulnerability assessments and remediation efforts where needed.Job ResponsibilitiesData Onboarding:• Support the data onboarding process into Splunk, ensuring accurate and efficient data collection.• Utilize methods such as Syslog (TLS), HTTP Event Collector (HEC), AWS S3, and Microsoft Azure EventHub for data integration.• Maintain and optimize Splunk Universal Forwarder (UF) and Heavy Forwarder (HF) configurations.• Ensure data normalization using Splunk's Common Information Model (CIM) for consistent and efficient searching, correlation, and reporting.Cyber Defense Operations:• Focus on automation to streamline and enhance security processes.• Work with Sony Companies to assist with managing and optimize Microsoft Defender MDE.• Integrate data into the SIEM by onboarding data via methods such as syslog and HTTP event forwarders.• Act as the primary point of contact for operating companies, assisting with connections to the internal GSIRT group.• Data onboarding• Develop and implement security measures and protocols.• Collaborate with the Incident Response (IR) team to ensure comprehensive security coverage.• Perform basic network administration tasks, such as logging into firewalls and checking versions.• Support general project tasks related to network security.• Proactively reach out to operating companies to understand their security needs and areas for improvement.• Provide expert guidance and develop tailored security plans to address specific requirements.• Conduct internal research and leverage knowledge to offer actionable recommendations.Vulnerability Management:• Work with operating companies to prioritize attack surface management findings.• Provide remediation guidance and support to address identified vulnerabilities.• Ensure timely and effective resolution of security vulnerabilities.Process Development:• Establish and document new processes and procedures.• Continuously improve existing processes to enhance efficiency and effectiveness.Honesty, trustworthiness and ethical conduct are material requirements for the responsibilities outlined aboveQualifications For PositionYour qualifications and experience should include: Required Skills• Splunk Data Onboarding• Experience with Splunk Universal Forwarder (UF) and Heavy Forwarder (HF)• Proficiency with HTTP Event Collector (HEC)• Familiarity with data onboarding methods: Syslog (TLS), AWS S3, Microsoft Azure EventHub• Splunk Administration and Usage Building dashboards, reports, and advanced queries• Understanding of Splunk's Common Information Model (CIM) Project Management and Collaboration• Handling tight deadlines and multiple projects• Collaborating with infrastructure engineering and security teamsPreferred Skills• Big Data and Data Platforms• Familiarity with other big data tools like ELK (Elasticsearch, Logstash, Kibana) Advanced Splunk Features• Knowledge of Splunk Database (DB) Connect• Understanding of Summary Index and how to exclude events from being indexed• Familiarity with important Splunk configuration files Security Knowledge Vulnerability management and attack surface reduction• Experience with Microsoft Defender Implementing and maintaining SIEM logging standards• Creating security reports and escalating issues• General IT Skills• Adaptability to significant changes in projects or work environments• Ability to conduct independent research and self-learningExperience• Extensive experience in cyber defense and security engineering, preferably as a principal or lead role within a cyber defense team• Proven track record of managing and optimizing security operations with a strong emphasis on automation.• Demonstrated ability to leverage automation tools and techniques to streamline security operations and improve efficiency.• Experience in scripting and automating tasks using Python or other relevant programming languages.• Proven ability to integrate and automate security tools and platforms, such as Microsoft Defender MDE and Splunk.• Experience in creating automated workflows for vulnerability management and remediation.• CISSP, CISM, or other relevant security certifications is a plus• Excellent communication and interpersonal skills.• Strong problem-solving and analytical abilities.• Ability to work independently and as part of a team.• Comfortable with reaching out to and consulting with internal stakeholders.• All candidates must be authorized to work in the USA.In addition to competitive pay and benefits, we offer an environment and culture that promotes Diversity, Equity, and Inclusion. We are committed to creating an inclusive employee experience for you to thrive as part of Sony’s purpose to “fill the world with emotion through the power of creativity and technology”.Benefits:   SCA offers benefits-eligible employees (generally regular employees scheduled to work 20 or more hours a week) a comprehensive benefits program that offers coverage and support for employees and their family’s physical, emotional, and financial well-being.   What we offer you:• Comprehensive medical, prescription drug, dental, and vision coverage with coverage for spouses/domestic partners and child dependents, including access to a Health Savings Account (HSA) and Flexible Spending Account (FSA) • Employee assistance plan and comprehensive behavioral health benefits• Fertility benefits, including surrogacy, and adoption assistance programs  • Basic and supplemental life insurance for employees as well as supplemental life insurance coverage for their spouses/domestic partners and children • Voluntary benefits such as group legal, identity theft protection, accident, and hospital indemnity insurance • Short-term & long-term disability plans  • Paid parental and caregiver leave  • 401(k) Plan with pre-tax, Roth, and after-tax options and company match with immediate vesting• Education assistance and student loan programs    Other Programs: • Flexible Work Arrangements, including remote and hybrid work schedules• Time off to include vacation, paid holidays, sick leave, Summer Fridays (early release), and a winter break between Christmas and New Year’s Day (based on business needs)• Referral bonuses (subject to eligibility)  • Matching gift program  • A wide variety of employee business resource groups (EBRGs)  • Special discounts on Sony products, offered exclusively to Sony employees• Employee stock purchase plan (Sony covers commissions and fees for your Sony stock purchases made through after-tax payroll deductions)  • Annual incentive bonusThe anticipated annual base salary for this position is $175,000 to $190,000. This range does not include any other compensation components or other benefits that an individual may be eligible for. The actual base salary offered depends on a variety of factors, which may include as applicable, the qualifications of the individual applicant for the position, years of relevant experience, specific and unique skills, level of education attained, certifications or other professional licenses held, and the location in which the applicant lives and/or from which they will be performing the job.Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.SCA will consider qualified applicants with arrest or conviction records in accordance with applicable law.Disability Accommodation for Applicants to Sony Corporation of AmericaSony Corporation of America provides reasonable accommodation for qualified individuals with disabilities and disabled veterans in job application procedures. For reasonable accommodation requests, please contact us by email at careers@sonyusa.com or by mail to: Sony Corporation of America, Human Resources Department, 25 Madison Avenue, New York, NY 10010. Please indicate the position you are applying for.EEO is the LawEEO is the Law SupplementRight to Work (English/Spanish)E-Verify Participation (English/Spanish)While SCA does not require employees to be vaccinated against COVID-19, there are certain Sony offices that require employees to be vaccinated in order to enter. If you will be located at or travel to those offices, you will be required to be fully vaccinated to enter. The Company will consider requests for reasonable accommodations for documented medical reasons and for sincerely held religious beliefs in accordance with applicable law. Please do not include proof of vaccination status or any indication of a possible request for a vaccination accommodation when submitting your application materials. If applicable, the Company will follow up with you directly to request proof of vaccination and to discuss any potential accommodations.