Skip to main content

Information Security Risk Assessor

Culver City | Req ID: JR22-10646

Tech/IT/InfoSec at Sony Pictures

Join us in a dynamic fast paced environment focused on delivering value by leveraging an agile framework. In support of our ever evolving film and television businesses, our IT teams leverage the latest technologies and focus on cloud adoption.

Success Profile

Be a part of a diverse, inclusive and collaborative culture that focuses on professional development, high performance and growth by leveraging structured programs that include OKRs (stretch for amazing) and modern development planning tools (e.g. competency model). Check out the top traits we’re looking for and see if you have the right mix.

  • trusted partner
  • innovative problem solver
  • strategic thinker
  • change agent
  • effective communicator
  • learner and developer

Job Details

REQ ID JR22-10646 Date posted 04/03/2023

We are in the business of creativity… making some of the most beloved film and television of all time for every platform in the world. As the most creative and proudly independent studio, our future is boundless.

Sony Pictures Entertainment (SPE) is a division of Sony Corporation, a creative entertainment company built on a foundation of technology. Along with our sister companies, we make movies, television, music and games that engage billions of people, connecting creators and audiences around the globe. We are looking for innovators to join us as we forge the future of entertainment!


Our InfoSec Risk Management team is responsible for providing risk visibility to all of SPE and helping business stakeholders make informed risk decisions to ensure SPE information is protected in all our third-party engagements.

As a Risk Assessor, you are responsible for performing end-to-end security risk assessments.  Due to the diversity of our businesses, you will get an opportunity to risk assess a broad spectrum of targets such as applications, technical environments, third parties, and workflows to help secure SPE’s information assets. The Risk Assessor Role reports to the Director of Information Security Risk.

As a Risk Assessor you are the key contributor to helping Executives for all SPE business lines have visibility in the information security risks their businesses face. The business leaders rely on you to provide guidance on how to address the risks as well as validate that the risks are addressed to an acceptable level and as a result, SPE is more secure.


  • Conduct comprehensive end-to-end information security risk assessments to identify, assess, and measure information security risks for systems, applications, facilities, technical environments, networks, projects, workflows, and third parties impacting IT and business initiatives globally across Sony Pictures and SPE subsidiaries
  • Review new applications, emerging technologies and services and provide guidance to business stakeholders on the risk of reviewed targets
  • Prepare risk assessment reports that drive management decision-making to address identified risks by risk reduction, acceptance, avoidance, and transfer
  • Provide thoughtful and insightful advice to remediation owners in the formulation of risk treatment plans and ensure the risk treatment plans are in place and adhered to
  • Present risks to executive management
  • Manage relationships with security, technology, and business stakeholders and lead meetings to communicate information security risks and drive risk decisions from risk owners by providing multiple mitigation approaches.
  • Contribute to and support continuing improvements and efficiencies in the risk program
  • Leverage the ServiceNow GRC platform in carrying out risk activities (Risk assessment, remediation, etc.)
  • Support vendor onboarding as needed by reviewing information security terms in third-party contracts
  • Perform Business Impact Assessments to identify critical third parties and applications


  • Bachelor’s degree in Business, Information Systems, Engineering, or equivalent work experience
  • 5-7 years of experience performing information security risk assessments including technical, third-party and workflow assessments
  • Familiarity with ISO 27000 family of standards and other risk frameworks such as NIST 800-53, ISO 31001
  • Ability to communicate clearly and concisely with technical and non-technical teams across multiple businesses; written, verbal, presentation, and interpersonal skills.
  • Highly self-motivated and able to work both independently and as part of a multi-disciplined team
  • Good analytical, research, and problem-solving skills with a keen attention to detail
  • Ability to work on multiple projects, with strong ability to adapt to dynamic work environment and to prioritize tasks accordingly
  • Open to continuously learning to keep up with the fast-paced world of cyber security
  • Trusted advisor to the business
  • Ability to make decisions, use discretion and display sound judgement


  • Risk assessment experience of Cloud based technologies
  • Entertainment industry experience preferred
  • 3-5 years GRC experience preferred
  • Broad knowledge of information security with a technical understanding of key security domains (e.g., architecture, networking, access management, cloud security) is preferred


  • Competitive salary, with annual bonus eligibility.
  • A choice of comprehensive health plan options that fit your lifestyle.
  • Immediate matching and vesting for your 401k plan.
  • A wide array of innovative employee benefits to support you (and your family), including Student Loan Assistance, Identity Theft Protection and access to discounted Pet Insurance.
  • Rest and recharge during a week off during the winter holidays, in addition to holidays, personal days and vacation time.
  • Participate in extensive learning & development opportunities at all levels, including curated instructor-led classes and high impact online resources.
  • Build your community by joining our Employee Volunteer Program, Employee Business Resource Groups, and/or Sony Pictures Action – our racial equity and inclusion strategy.
  • Access to an employee online store filled with a variety of discounted Sony products.
  • If you live near Culver City, enjoy all the amazing offerings at our beautiful Studio Lot, including multiple Commissaries with menus for every palate, a state-of-the-art gym and fitness program, as well as onsite medical, dental, mental health and nutrition professionals.
  • Watch movies and TV shows at work(!), during employee screenings of our newest movies and TV shows
The anticipated base salary for this position is $115,500 to $154,500. This role may also qualify for annual incentive and/or comprehensive benefits. The actual base salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location of the position.
*Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.

Join Us

Sony Pictures is the powerhouse behind some of the world’s most beloved films and television. Peek behind the curtain and watch this video to see what it’s like to work with us.

Join Us at Sony Pictures

Premiere Jobs

You have not recently viewed any jobs.

You have not saved any jobs.

Job Alerts

Fill out and submit the form below to stay updated about the latest job opportunities at Sony Pictures

Interested InSelect a job category from the list of options. Search for a location and select one from the list of suggestions. Finally, click “Add” to create your job alert.

  • Tech / IT / Info Sec, Culver City, California, United StatesRemove

Note that all fields are mandatory. Please set your category and location selections prior to submitting.