Mgr, Vulnerability Management, Information Security
Sony Pictures
Culver City, CAThis was removed by the employer on 2/12/2018 12:51:00 PM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Search for Mgr, Vulnerability Management, Information Security jobs in Culver City-CA
Search all Mgr, Vulnerability Management, Information Security postings
Full Time Job
Mgr, Vulnerability Management, Information Security
General Summary
The job's primary purpose and overall scope of responsibility.
Manager, Information Security reports to the Vice President, Information Security, and to operationalize vulnerability management program initiatives. The Manager, Information Security has strong vulnerability management, ethical hacking and penetration testing experience. The primary responsibility is to manage the state of vulnerabilities across multiple operating environments, assets, products, and services. The person in this role will generate vulnerability reporting to drive appropriate actions by all levels of the organization. Additionally, the person will work with management and stakeholders to prioritize remediation activities and optimizing the remediation efforts in a dynamic environment.
This position requires strong experience with security vulnerabilities, application analysis, malware analysis, protocol analysis, and debugging. The incumbent exposes security vulnerabilities and risks and presents those risks to management and other technical individuals with recommended advice and solutions to mitigate such vulnerabilities. The person also has experience with secure coding practices, application and network infrastructure security and vulnerability assessment methodologies.
Core Responsibilities
The job's most important functions and responsibilities and percentage of time spent on each.
• Investigate and identify technical security issues and weaknesses and design solutions to prevent future re-occurrences. Conduct technical security training where appropriate to different lines of business and IT. This may involve transference of skills to others where a new information security process has been established. Advise internal lines of business, IT partners, and 3rd parties on how to remediate technical security issues and verify remediation activities.
• Responsible for in-depth technical security testing of company websites, network infrastructure, and applications using a combination of automated & manual commercial/open-source tools. Responsible for technical and executive level reports on technical security issues.
• Design, document, and implement technical information security processes, procedures, guidelines, and solutions.
• Support technical assessments of 3rd party vendors and mergers/acquisitions.
• Serve as an internal information security consultant to the organization. Assist in the review of applications and/or technology environments to assess information security risk.
Required
• Bachelor's degree or equivalent working experience
Specialty - Knowledge, Skills and Abilities Required
Knowledge of:
• White Box or Black Box penetration testing experience. Knowledge in both types of testing environments is essential.
• Existing and emerging techniques used by malware.
• Security hardening techniques for Server OS (Windows, Unix & Linux), Databases (MySQL, Oracle, MS SQL), and Application Servers (JBOSS, WebSphere).
• Computer, systems and network architecture; operating systems, virtual environment, and networking protocols.
• Compiled and interpreted programs, for example: database systems, web Servers, application Servers, mainframes, Firewalls, Routers, load balancers, Switches, and different types of Middleware.
Skill In:
• Using commercial and open source security testing tools.
• Reverse engineering complex code, using tools such as IDA Pro, OllyDBG and other similar tools.
• Programming in 2 or more of the following; C, Java, .Net, SQL.
• Shell scripting in 2 or more of the following; Perl, Bash,PHP, WMI, SED.
• Reviewing application source code for security vulnerabilities.
• Using debuggers and/or decompilers.
Ability To:
• Take on new responsibilities and influence others as needed to deliver consistent results.
• Pick up new skills through self-learning and on the job training.
• Demonstrate strong verbal communications skills and concise written communication skills.
• Demonstrate strong organizational and attention to detail skills.
• Manage competing priorities while maintaining organized and detailed reporting of status and progress.
*Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.
* Sony Pictures - CA - Culver City Area & Studios