Job Description
Role Summary
Information Security Governance, Risk and Compliance is looking for a Security Awareness Analyst to become a member of the team at PlayStation. L ocated within regular commuting distance of our Rancho Bernardo San Diego, CA office, the successful candidate will develop, build, and deliver an outstanding Security Awareness Program to employees worldwide. With so much creative talent at PlayStation, the possibilities are many and really only limited by the imagination and influence of the individual!
Responsibilities
1. Program Development [20%]
• Contribute and s upport an engaging Security Awareness Program that influences attitudes and changes behaviors to build a safer work environment.
• Ensure the Program meets Sony Group compliance requirements and relevant industry regulations and standards.
• Socialize the Program to
other teams and promote its adoption, taking into consideration different cultures, nationalities and languages.
• Solicit feedback from colleagues and partners to identify gaps and opportunities to evolve the Program.
• Continuously evaluate and manage Program vendors and services.
• Analyze metrics , derive insights, and prepare consolidated reporting illustrat ing the impact
of the Program effectiveness.
2. Operations [40%]
• Acquire and curate content for the Program.
• Regularly deliver cyber security training globally.
• Regularly deliver simulated phishing emails globally.
• Oversee the delivery of training and phishing in business units outside the Program.
• Troubleshoot user issues and liaise with internal stakeholders and external vendors to resolve them.
• Administrate SaaS services used to deliver training and simulated phishing emails.
• Regularly prepare and s end report s to management.
• Create engaging content to ensure that the Program message is heard and applied in diverse and original forms ( e.g. articles, posters, board games, videos, flyers, learning modules).
• Publish content to Intranets.
• Coordinate the delivery of security advisories and urgent communications to a global employee audience through the Corporate Communications department.
• Organize and host events through a variety of mediums ( e.g.
online webinars, lunch-and-learns, workshops, and seminars).
• Conduct security awareness assessments and surveys to gauge employee knowledge and behavior.
• Monitor the Program mailbox and respond to queries from employees.
• Provide support and guidance to employees on security-related issues and best practices.
• Stay current on the latest cybersecurity threats and trends to update training content accordingly.
• Assist in the development and enforcement of security policies and procedures.
• Other duties as prescribed by the Program.
3. Project Management [40%]
• Plan and deliver engaging activities for Cyber Security Month in October.
• Introduce new Program improvements:
• Assess the feasibility
of new improvement
opportunities .
• Develop a plan that explains
objectives , benefits, design, implementation tasks, timings, operational roles and responsibilities, communications, training and support.
• Influence stakeholders to get their support .
• Collaborate with subject matter experts and provide technical requirements.
• Motivate contributors to complete tasks against agreed milestones.
• Prepare regular status reports on progress and call out challenges or delays .
• Develop performance indicators and measure the impact.
• Prioritize and balance multiple projects simultaneously.
Experience and Skills
• Minimum 2 years of cyber s ecurity experience .
• A bachelor's degree in cyber s ecurity, marketing, education, or a related field.
• Experience speaking publicly to large audiences at workshops/events/seminars either as trainer or an authority on the presentation material.
• Confident ''people person'' that can casually establish and maintain productive working relationships.
• Strong communication and presentation skills, knowledge of cyber security principles, and the ability to create engaging training content.
• Attentive,
organized and good attention to detail.
• Quick learner with the ability to multi-task.
• Proactive and self-motivated, yet capable of forming a team as needed.
• Ability to take complex topics and form simple and concise messaging.
• Professional writer, able to research and prepare timely , high quality, clearly written materials free of grammatical errors and spelling mistakes.
• Good knowledge of Office 365.
• CISSP , CISM
or ISO/IEC 27001 Lead Implementer an advantage.
Please refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights.
At SIE, we consider several factors when setting each role's base pay range, including the competitive benchmarking data for the market and geographic location.
Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location.
In addition, this role is eligible for SIE's top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click here to learn more.
The estimated base pay range for this role is listed below.
$134,600
- $202,000 USD
Equal Opportunity Statement:
Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.
We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.
PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.
Jobcode: Reference SBJ-r0485j-3-15-31-27-42 in your application.