Senior Manager, Incident Response
Culver City | Req ID: JR22-10528
Tech/IT/InfoSec at Sony Pictures
Join us in a dynamic, fast-paced environment focused on delivering value by leveraging an agile framework. In support of our ever-evolving film and television businesses, our IT teams leverage the latest technologies and focus on cloud adoption.
Be a part of a diverse, inclusive and collaborative culture that focuses on professional development, high performance and growth by leveraging structured programs that include OKRs (stretch for amazing) and modern development planning tools (e.g. competency model). Check out the top traits we’re looking for and see if you have the right mix.
- trusted partner
- innovative problem solver
- strategic thinker
- change agent
- effective communicator
- learner and developer
The Incident Response Sr. Manager reports to the Incident Response Director in delivering incident response duties and initiatives.
This role performs sophisticated computer and network forensic investigations that pertain to different types of cyber threats, including malware, data theft, denial of service, and data breaches. They collaborate with the SOC to quickly evaluate, resolve, or escalate incidents for appropriate action. Additionally, the incumbent works together with IT and other teams to pinpoint the underlying issues and create effective corrective and preventive measures. To enhance the organization's security posture and incident response capabilities, the employee collaborates with peers in threat assessment and provides recommendations to the Incident Response Director.
Demonstrates proficiency in:
- The use of host and network forensic methods and tools
- Information security, networking, and client/server architectures
- The current and emerging landscape of cyber threats
- The application of threat intelligence in incident response and forensic investigations
- Malware analysis and comprehension of attack methodologies
- Navigating and querying enterprise logging solutions to extract and manipulate data
- Analyzing network, host, and user activity data to detect irregularities
- Some travel may be required.
- Function as an incident response handler, directing IT and other departments during security incidents, including evidence preservation, corrective action, and preventive actions
- Conduct advanced computer and network forensic investigations relating to various forms of malware, computer intrusion, theft of information, denial of service, data breaches, etc. Assist in identifying and remediating gaps as identified throughout the investigation. Maintain technical knowledge within areas of expertise via formal training and self-education
- Analyze malware, reverse engineer code when necessary to understand the impact of the malware, and root causes of the malware related incident
- Design, document, and implement incident response processes, procedures, guidelines, and solutions. Responsible for technical and executive level reports on incident response issues.
- Hacker techniques, tools, and motivations
- Operating systems (Windows, OS X, Linux and UNIX)
- Multilayer security architectures and controls
- Application architecture (mainframes, databases, web, middleware, virtual)
- Network architecture (firewalls, routers, switches and load balancers)
- Security technologies (IDS/IPS, advanced endpoint protection, AV)
- Analyzing file system images, memory images and network packet captures
- Using commercial and open source security testing tools
- Problem solving with missing information while under pressure with short deadlines
- Dynamic malware analysis and indicator extraction
- Indicator pivoting, tracking and analysis
- Ability to prioritize multiple tasks rapidly, formulate a plan, respond quickly and communicate with customers and leadership
Desired skills but not required:
- Programming in two or more of the following: C, Java, .NET, SQL, Python
- Shell scripting in two or more of the following: Perl, Bash, PHP, WMI, SED
- Reviewing application source code for security vulnerabilities
- Using debuggers and/or de-compilers
- Reverse engineering complex code, using tools such as IDA Pro, OllyDBG and other similar tools
- Speak languages other than English (Japanese, Chinese, etc.)
- Take on new responsibilities and influence others as needed to deliver consistent results
- Strong verbal communications skills and concise written communication skills
- Strong organizational and multi-tasking skills
- Pick up new skills through self-learning and on the job training
- Innovate and stay current on security technologies
- 7 years of security experience
- 2-3 years of forensic experience
- 3-5 years of malware analysis
- 5-7 years of hands-on incident response
- 3-5 years of SIEM experience
- 5-7 years of cyber threat tracking
- 1-2 years of exploit / hack tool research and/or development
- 1-2 years of experience with IDS/IPS/Full Packet capture devices
- Incident and Forensic Security certification (SANS)
- Information Security certification
- CISSP (Certified Information Systems Security Professional)
- CISA (Certified Information Security Auditor), or equivalent
Vendor certifications/training (e.g. Axiom, Crowdstrike, etc.)
Ethical hacking certifications
- Offensive Security OSCP (Certified Professional)
- EC-Council CEH (Certified Ethical Hacker), or equivalent
*Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.
Sony Pictures is the powerhouse behind some of the world’s most beloved films and television. Peek behind the curtain and watch this video to see what it’s like to work with us.