IT Security Administrator

PXO is seeking an IT Security Administrator to provide expert guidance on IT security, develop policies, and maintain enterprise-wide security solutions globally. The role involves leading incident response, overseeing application security, managing IT risk, coordinating audits, and conducting vulnerability assessments. Responsibilities also include infrastructure and systems security, physical and on-set security, and ensuring legal and regulatory compliance, particularly with GDPR. The ideal candidate will have a strong understanding of IT infrastructure and information security in fast-paced environments.

Must Have

• Lead and coordinate incident response remediation activities.
• Oversee application security request review process.
• Conduct Infosec Criticality Assessments (ICAs).
• Represent PXO in Sony CISO meetings.
• Enforce Sony security policies and standards.
• Manage and maintain IT Risk Register.
• Coordinate client security audits and support external certifications (e.g., TPN).
• Complete and manage client security questionnaires.
• Conduct internal penetration tests and vulnerability assessments.
• Manage firewall whitelisting and approval process.
• Oversee vulnerability and patch management workflows.
• Maintain sandbox and production environments.
• Own and manage I/O and data transfer security procedures.
• Participate in systems design and implementation from a security perspective.
• Develop user and technical security documentation and training resources.
• Document and maintain critical security and infrastructure policies.
• Test and improve Disaster Recovery capabilities.
• Manage and maintain physical security systems (CCTV, alarm, access control).
• Advise on on-set data handling procedures.
• Act as liaison between IT/InfoSec and Legal on GDPR, data retention, and compliance.
• Five plus years of hands-on experience in security and/or infrastructure.
• Familiarity with Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR.
• Proficiency in Microsoft O365 Security solutions, Networking, Security operations, Vulnerability Management, and Security Auditing.
• Experience in security testing, vulnerability scanning, and risk management.
• Detailed knowledge of Microsoft O365 environment, Threat Intelligence analysis, Security Incident Response, and Disaster Recovery principles.
• Experience in Zero Trust architecture, secure remote access, and TPN practices.

Good to Have

• Ability to create formal documents such as reports or procedures.
• Strong interpersonal skills and analytical mindset.
• Ability to communicate in non-technical language.
• Good organisational skills and ability to manage and prioritise workload.
• Familiarity with SIEM tools, such as Splunk.
• An ITIL certification or similar.

Description

PXO creates industry-leading Virtual Production and Visual Effects for premium Film and Episodic content. With over 20 industry awards and nominations, PXO, a Sony Pictures Entertainment company, is a trusted partner for storytellers and showrunners worldwide.

PXO has been creating iconic work since 2001, from Martin Scorsese’s Academy Award winning Hugo and HBO’s Emmy winning Game of Thrones, House of the Dragon, through to Amazon’s The Boys, Marvel’s Ant-Man and the Wasp: Quantumania and many more.

We're looking for an IT Security Administrator to join our IT team. In this role, you will provide expert guidance on IT security, contribute to the development of policies and procedures, and support the maintenance of enterprise-wide security solutions across multiple global regions. You will also hold responsibility for decision-making within your area of expertise, ensuring clear ownership and accountability. The ideal candidate will have a strong understanding of IT infrastructure and information security in large-scale, fast-paced environments.

Responsibilities

Information Security & Compliance

• Lead and coordinate incident response remediation activities across Office tenant and related infrastructure.
• Oversee the application security request review process, including white paper evaluations and coordination with InfoSec teams.
• Conduct Infosec Criticality Assessments (ICAs) and participate in DAART and IR meetings.
• Represent PXO in Sony CISO meetings and ensure alignment with broader Sony InfoSec policies.
• Enforce Sony security policies and standards in production environments.
• Manage and maintain IT Risk Register.
• Coordinate client security audits and support external certifications (e.g., TPN).
• Complete and manage client security questionnaires during bidding or audit processes.
• Conduct internal penetration tests and vulnerability assessments to proactively identify and mitigate security risks.

Infrastructure & Systems Security

• Manage the firewall whitelisting and approval process.
• Oversee vulnerability and patch management workflows.
• Maintain sandbox and production environments; support workflow and network hardening (e.g., Microsoft 365, HiBob).
• Own and manage I/O and data transfer security procedures.
• Participate in systems design and implementation from a security perspective.
• Develop user and technical security documentation and training resources.
• Document and maintain critical security and infrastructure policies, e.g., Incident Response Plan, Business Continuity Plan, Change Management Procedures, and Disaster Recovery Plan.
• Test and improve Disaster Recovery capabilities and identify process gaps.

Physical & On-Set Security

• Manage and maintain physical security systems including CCTV, alarm, and access control systems in collaboration with vendors.
• Advise on on-set data handling procedures, ensuring certified media and secure practices are in place.

Legal & Regulatory Compliance

• Act as the liaison between IT/InfoSec and Legal on matters related to GDPR, data retention policies, and compliance.
• Ensure proper documentation, communication, and enforcement of data protection practices in line with regulatory standards.

Requirements

• Five plus years of hands-on experience in security and/or infrastructure within an enterprise environment.
• Familiarity with enterprise information security standards such as Cyber Essentials, ISO 27001, 27002, Data Protection Act, and GDPR.
• Proficiency in Microsoft O365 Security solutions, Networking, Security operations, Vulnerability Management, and Security Auditing.
• Experience in security testing, vulnerability scanning, and risk management.
• Ability to create formal documents such as reports or procedures.
• Detailed knowledge of Microsoft O365 environment, Threat Intelligence analysis, Security Incident Response, and Disaster Recovery principles.
• Strong interpersonal skills, analytical mindset, and ability to communicate in non-technical language.
• Good organisational skills and the ability to manage and prioritise workload, along with experience in key security areas such as Zero Trust architecture, secure remote access, and security practices relevant to the digital content/VFX industry (e.g., TPN). Familiarity with SIEM tools, such as Splunk, is also highly desirable.
• An ITIL certification or similar would be preferred.

Benefits

Pixomondo is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.

Benefits may vary by location due to regional regulations and company policies.

PXO does not accept resumes from recruiters. Unsolicited resumes are accepted directly from candidates only. PXO will not pay any fees associated with unsolicited resumes.