Cyber Security Specialist

In this role, the Cyber Security Specialist will use threat intelligence to investigate the potential threat and the attack methods employed by malicious actors and apply hands-on technical knowledge to investigate incidents and mitigate risk.

Candidates must have detailed skills in commercially sourced intelligence (CSINT) and open-source intelligence (OSINT), including analysis of publicly available information (PAI) such as advanced social media research. This is a hands-on position for individuals passionate about security threat detection, analysis, and response using various tools, methods, and automation. Advanced work ethic and creative problem-solving skills are essential.

• Detect threats and incidents through proactive “hunting” across security-relevant data sets.
• Detailed skills in conducting investigations with a focus on attribution through OSINT techniques, social media research, publicly available information (PAI) and other similar investigative methods 
• Develop strategies and plans for the collection of publicly available information (PAI) in response to intelligence gaps, including the tools and methodologies needed to accomplish the task. 
• Develop and automate playbook/use case to detect and remediate threats using either out-of-the-box or custom integration and functions. 
• Perform security monitoring and incident response activities across the SME global networks and cloud platforms, leveraging various tools and techniques. 
• Perform hands-on security testing of security controls across various products and platforms to discover risks and supervise them to resolution proactively. 
• Conduct correlation search and real-time analysis using SIEM/SOAR platforms, Endpoint, and network-based technologies with a focus on identifying security events and threats and developing incident response playbook automation.  
• Analyze security and abuse incidents to derive insight into attack vectors and TTPs. 
• Maintain SOC workflow, playbook, ticketing, and single pane of glass, including capturing standard SOC metrics/reporting.

• Degree in Information Systems, Engineering, Cyber Security, or related fields
• Minimum four years of experience in Information Systems with at least three years of experience in Cyber Security
• CISSP, CompTIA Security+, GIAC Cyber Threat Intelligence certification is a plus
• Hands-on experience in a Security Operations Center environment conducting network, host, or threat analysis.
• Experience analyzing logs in SIEM and in Cloud platforms.
• Hands-on experience with scripting languages (e.g., PowerShell and Python) to simplify tasks and automate IR playbooks.
• Excellent writing skills and ability to tailor investigative reports to the intended audience.
• Ability to create, organize, and analyze complex data sets while maintaining a high level of accuracy.
• Ability to manage multiple investigations simultaneously with competing priorities and deadlines.
• Display sound judgment, critical thinking, and strong attention to detail.
• Advanced technical skills in more than one of the following areas:
  • Network and/or host security technologies (Microsoft Defender for Endpoint) 
  • Email services and technologies (Microsoft Exchange Online & Google Workspace) 
  • Cloud infrastructure and services (AWS, Azure, O365) 
  • Identify and access management (Azure AD and IDP)

• You join an inclusive, collaborative and global community where you have the opportunity to fuel the creative journey
• A modern office environment designed to foster productivity, creativity, and teamwork
• Our Hybrid with Flexibility approach combines the flexibility of remote working with the benefits of in-person collaboration whenever we need to come together to do our best work. Managers will partner with their teams and employees to establish work arrangements that meet the business, team, and individual needs.
• An attractive and comprehensive benefits package including medical, dental, vision, life & disability coverage, and 401K + employer matching
• Voluntary benefits like company-paid identity theft protection and resources for pets, mental health and meditation resources, industry-leading fertility coverage, fully paid leave for childbirth or bonding, fully paid leave for caregivers, programs for loved ones with developmental disabilities and neurodiversity, subsidized back-up child and elder care, and reimbursement for adoption, surrogacy, tuition and student loans
• We invest in your professional growth & development
• Time off for a winter recess

Sony Music is committed to providing equal employment opportunity for all persons regardless of age, disability, national origin, race, color, religion, sex, sexual orientation, gender, gender identity or expression, pregnancy, veteran or military status, marital and civil partnership/union status, alienage or citizenship status, creed, genetic information or any other status protected by applicable federal, state, or local law.