If you have a minimum ten years of information security experience, expert knowledge of operational security tactics and a burning desire to prevent the next cyber disaster, this might be the job for you.
On Friday, Sony Corporation of America posted a job opening for a Director of Vulnerability Management Engineering to join the DC-area "Global Information Security and Privacy organization." The position will report to the Senior Director of Security Engineering and will be "a part of the team responsible for establishing a unified enterprise security architecture to secure Sony's information assets, services, and the products that depend on them."
The job requires extensive experience developing security measures to protect against cyberattacks and expert-level familiarity with "advanced persistent threats," presumably of the very kind that have brought the company to its knees in recent weeks.
Sony is clearly gearing up to forestall further damage. The responsibilities for the job include:
Oversee the development of vulnerability management systems, initiatives, integration, and technical assessment support
Lead teams and coordinate efforts or initiatives for penetration testing, system and application vulnerability management, overall technical risk assessments, and hunting operations
Develop and refine global information security technical standards, guidelines, and training
Support coordination of budgetary planning activities for Sony Group company expenditures related to information security tools and services, to include leadership of enterprise mid-range planning activities
Support the management, planning and execution of the global security engineering budget
Assemble and lead diverse sets of information security experts and stakeholders in the formulation of unified information security requirements and architecture standards for Sony's most critical global projects and contracts
Serve as a subject matter expert performing intra-company advisory services related to security architecture strategy and technology implementation
This week, Sony Corp. has also added job listings for a senior risk management analyst; a senior governance, risk and compliance analyst responsible for security and privacy training; and two junior analysts to be part of a "security operations team that will provide design, implementation and 24x7 support of the technology infrastructure that will support a global incident response team."
All interested applicants are referred to Sony's career page.