Director, Global Information Security
This position will act as Sony Music Publishing’s (SMP) Information Security Officer (ISO) and be responsible for supporting Sony’s Information Security Management System (ISMS) and for effective implementation of the Sony Group Information Security Policies within the Sony Group Companies for which they are responsible, as assigned by the Sony Group CISO.
- Responsible for ensuring that the Sony Music Publishing meet the following requirements:
- (a) All applicable requirements of the Sony Group Information Security Policies are implemented and maintained in all areas of each Sony Group Company
- (b) Processes are implemented to identify and manage Information Security risks, in accordance with the risk assessment methodology defined in Sony’s GISS
- (c) Processes are implemented to measure the performance and effectiveness of the Sony Group ISMS and associated Information Security requirements and processes
- (d) Processes are established for management to review periodically and drive continuous improvement of the Sony Group ISMS.
- Serve as main contact and advisor for cyber security for SMP and the IT business partners, infrastructure and architecture.
- Act as a partner with the legal, compliance, and IT resources to establish an effective working relationship that enhances the security program effectiveness.
- Oversee, communicate, and work with IT to implement solutions required for security for the business objectives.
- Develop, track, and report threat intelligence metrics and KPIs (Key Performance Indicators) to senior leadership.
- Identify and act on all non-compliance areas for improvement and facilitate the development and deployment of the solutions.
- Actively engage with leadership toward objective achievements through representation of the security program and support external and internal auditing.
- Work with management and coordinate with Crisis Management and Security Incident Response teams to help drive resolutions for incidents and assist with investigations.
- Help to translate and implement Sony’s Global Information Security Policies.
- Serve on SMP Architecture Review Board and Tech Steering; drive the development of enterprise technology standards, governance processes, and performance metrics.
- Develop the annual operating and capital expenditure budget Information Security/Privacy to ensure it is consistent with the overall strategic objectives of Sony/SMP.
- Remain current on recent technologies and platforms and provide direction on which emerging technologies should be assimilated, integrated, and introduced within Information Security/Privacy to ensure SMP capabilities respond to the needs of the enterprise's strategy.
- Provide leadership, coaching, and direction to the Information Security/Privacy team members.
- Lead incident management and defense coordination against emerging cyber threats and critical vulnerabilities
Who You Are:
- Minimum 7 years of experience in security architecture design, network security, mobile security, and vulnerability management.
- Bachelor's degree in computer science or equivalent.
- Effective influencing and negotiation skills in an environment where resources may not be in direct control of this role.
- High levels of personal integrity when conducting the professional affairs of the organization and dealing with sensitive and confidential data relating to risks and costs.
- Calmness and clarity of thought while under pressure.
- Ability to lead by example and consistently behave in a manner that upholds the organization’s values, goals, and culture.
- The ability to lead, enable, and motivate teams by providing advice and guidance in a non-judgmental fashion.
- An understanding of strategic organizational objectives and the ability to drive results toward those objectives.
- Openness to, and the ability to manage, rapid change in needs, processes, and technologies.
- World-class skills in mobilizing and driving team members to achieve outcomes.
- Strong communication skills with a proven ability to understand key concepts and communicate effectively with technical staff, key stakeholders, and senior management.
- Highly skilled at communicating technical concepts to non-technical people to enhance understanding and drive decisions that lead to positive outcomes.
- Skilled at communicating complex business concepts to the Security/Privacy teams to ensure comprehension, compliance, and commitment.
- Demonstrated ability to collaborate, build relationships, and influence individuals at every level in a matrix-management environment.
- Proven ability to manage vendors and service providers to identify and leverage external resources to enhance capabilities that support business objectives.
- Exemplary organizational skills, the ability to perform under pressure while managing multiple priorities with competing demands for resources.
- Well-honed analytical, data processing, and problem-solving skills.
- Proficiency in process formulation and improvement.
- Ability to instill confidence in the organization and demonstrate the value of Global Infrastructure & Information Security/Privacy.
- Excellent analytical, strategic conceptual thinking, strategic planning, and execution skills.
- Expertise in budget planning and financial management.
- Exceptionally strong business acumen, including industry, and domain-specific knowledge of the enterprise and operating units.
- Deep understanding of current and emerging technologies and how other enterprises are employing them.
- Expert at delivering innovative and agile infrastructure and operational solutions to enable the organization to capitalize on new opportunities.
- Demonstrated ability to develop and execute a strategic people plan, which ensures that the right people are in the right roles at the right time and that employees are highly engaged and satisfied.
- Demonstrated expertise in strategic planning, organization design, and development.
- Expert written and verbal communication skills.
- Exceptional computer skills including, but not limited to Microsoft Office 365 Platform.
- Must be able to commute to our Nashville office
What We Give You:
- You join an inclusive, collaborative, and global community where you can fuel the creative journey
- A modern office environment designed to foster productivity, creativity, and teamwork
- An attractive and comprehensive benefits package including medical, dental, vision, life & disability coverage, and 401K + employer matching
- Voluntary benefits like company-paid identity theft protection and resources for pets, mental health and meditation resources, industry-leading fertility coverage, fully paid leave for childbirth or bonding, fully paid leave for caregivers, programs for loved ones with developmental disabilities and neurodiversity, subsidized back-up child and elder care, and reimbursement for adoption, surrogacy, tuition, and student loans
- We invest in your professional growth & development
- Flexible time off
- Time off for a winter recess
Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.