Information Security Manager
Sony PicturesLondon, UK
Full Time Job
Information Security Manager
The Information Security Manager will be based in London UK, reporting to the regional Information Security Director and will assist in the delivery of the Sony Pictures Entertainment information security program to offices and employees in the Europe, Middle East and Africa region.
The responsibilities of the Information Security Manager will include:
• Managing multiple aspects of the information security program, including policy, compliance, risk management, and ad-hoc consultancy to the business
• Engaging with business stakeholders to understand business practices; gathering and facilitating the convergence of business, technical and security requirements; liaising with IT to align the environment with existing and future requirements
• Risk assessing external entities (e.g. vendors, suppliers, partners, joint ventures); assisting with due diligence reviews of merger and acquisition deals
• Collaborating with IT to ensure security is factored into the evaluation, selection, installation and configuration of hardware, applications and software.
• Providing support and guidance on legal and regulatory compliance including data privacy
• Tracking and coordinating the remediation of security vulnerabilities
• Delivering security awareness training to employees
Breakdown of Core Responsibilities:
40% Risk management; ad-hoc consultancy; requirements gathering
30% Compliance; system platform validation; vulnerability management; reporting
20% Policy exception handling; security awareness training
10% Reviewing processes, procedures, guidelines, and solutions
Some travel may be required within region. Out-of-hours support may be required depending on nature of the operations.
The ideal candidate will have the following:
• 4-6 years' experience in a similar role working within information security management.
• Excellent understanding of information security concepts, protocols, industry best practices and strategies; analytical skills to evaluate security requirements and relate them to appropriate security controls.
• Detailed knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an understanding of the business impact of security tools, technologies and policies.
• Practiced proficiency in performing risk, business impact, control and vulnerability assessments.
• Well-versed in network and web application vulnerability scanning and associated risk treatment.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with IT, project and application development teams, management and business personnel.
• Ability to build effective working relationships, working inclusively with stakeholders to understand their business requirements.
• Demonstrable experience working with common information security management frameworks, such as ISO 27001, COBIT and NIST frameworks.
• Ability to perform under high pressure in a dynamic environment to strict deadlines, with the ability to address multiple activities concurrently.
• Experience working within Information Security Management System's and information security governance
• Broad Knowledge of IT Architecture & Underpinning Technologies including;
• Network architecture (routers, switches and load balancers)
• Security technologies (firewalls, IDS/IPS/UTM, advanced endpoint security, AV, FIM)
• Operating systems (Windows, OS X, Linux and UNIX)
• Application architecture (databases, web, middleware, virtual)
• Software development (SDLC, compiled and interpreted languages, SVN)
• Understanding of the role of Information Security in the Software Development Life Cycle
• Knowledge of Agile & Waterfall project management methodologies
• CISM, CISSP, CRISC, CISA, ISO2700x qualifications advantageous
If this sounds like you, we would love to hear from you, please click ''Apply Now'', and please attach a copy of your CV to your application too.
Sony Pictures Entertainment is a leading creator and distributor of entertainment products, services and technology. Our global operations encompass motion picture production and distribution, television production, programming and syndication, home video acquisitions and distribution, operation of studio facilities, development of new entertainment technologies and distribution of filmed entertainment in over 70 countries.
Please note that this role is based in the United Kingdom. In order to enable us to meet statutory and regulatory obligations of the United Kingdom immigration system you must have the appropriate immigration permission needed to work and reside in the United Kingdom.
Sony Pictures Entertainment is committed to equal opportunity in all its employment practices, policies and procedures. No worker or potential worker will therefore receive less favourable treatment due to his or her race, age, creed, sexual orientation, colour, nationality, ethnic origin, disability, religion, gender, marital status or Trade Union membership (if applicable).
* Sony Pictures - GBR - London