Listing Description

Role overview:

PlayStation is looking for an Information Security Analyst to join our team and operate the day-to-day Governance, Risk and Compliance management processes for the European Region.

The successful candidate will help to maintain and improve our Information Security Management System, as well as have opportunities to work on projects that deliver our global security strategy.

Based in San Diego, the candidate will be working with business, technical and third party partners as well as working collaboratively with the wider Information Security team across the globe.

What you’ll be doing:

• Coordinates all aspects of information security and provides consulting services to business units and other partners.


• Responsible for the day to day tasks related to key Information Security Management System (ISMS) processes and maintaining our ISO27001 certification.


• Supports the security risk assessment methodology, policy, strategy, and process by performing hands-on gap and risk assessments to identify and document information security risks associated with applications, information systems, cloud and physical IT infrastructures.


• Supports the third-party due diligence and assurance assessment processes and able to articulate and advise on associated risks to the business, contractual requirements and resulting recommendations.


• Triage information security incidents, working with our 24/7 SOC teams, business partners and related third parties, as well as be responsible for reporting and raising where necessary.


• Works with business partners to identify and implement information security requirements related to projects and engagements.


• Develops information security awareness communications and education programs to the business.


• Monitors and reviews IT security controls to identify operational efficiency.


• Supporting the Information Security Manager, performs security audits related to business areas, processes or third parties.


• Maps controls to policies, standards, procedures, and processes to ensure compliance.


• Identifies remediation requirements and can negotiate, track and report on remediation efforts.


• Works with GRC and other security tools to collect and maintain security and risk information.


• Maintains broad knowledge of industry trends in the field of information security and other technologies relevant to systems handled by the operations teams.


• Work with technical teams, partners, and leadership teams to translate security risk mitigation plans into action items to mitigate risk.


• Advances the SIEE InfoSec program via partnerships with shared services teams within information security.

What we’re looking for:

• At least three years of related work experience.


• Experience in business partner/stakeholder management.


• Experience in security due diligence and audits.


• Proven technical background in Information Security risk management, including work related to IT systems and networking


• Experience implementing or assessing security in a cloud-hosted environment.

Desirable Knowledge and Skills:

• Familiarity with AWS (or similar) cloud security and infrastructure


• Knowledge of and experience with SaaS and web infrastructure security


• Privileged access management


• Microsoft Windows and Apple Mac OS hardening


• Policy administration


• Security standards such as SOX, ISO 27001, NIST, PCI


• Ability to handle parallel tasks and accurately detail resolutions


• Excellent attention to detail and meticulous in approach


• Excellent verbal and written communication


• Outstanding independent problem-solving experience


• Bachelor’s degree in Computer Science, Electrical Engineering, Information Security, or related field or equivalent experience


• CISSP and/ or CCSP preferred

Benefits:

• Discretionary bonus opportunity


• Private Medical Insurance


• Dental Scheme


• London Allowance (if applicable)


• 25 days holiday per year


• On Site Gym


• Subsidised Café


• Free soft drinks


• On site bar


• Access to cycle garage and showers