Sr. Engineer, Information Security

We are seeking a highly motivated and experienced Information Security Engineer to join our dynamic security team. This critical role will focus on building and maintaining robust data ingestion pipelines into our AWS Data Lake, primarily leveraging Fluent Bit, while also developing and implementing security solutions centered around Cortex XSOAR. The ideal candidate will possess a deep understanding of data ingestion methodologies, AWS Data Lake architecture, security automation, and SIEM technologies. You will be instrumental in ensuring the secure and efficient collection and processing of security-relevant data to proactively detect and respond to threats.

Responsibilities:

• Data Ingestion (Fluent Bit & AWS Security Data Lake):
  • Architect, implement, and manage scalable and reliable data ingestion pipelines from various sources into the AWS Data Lake using Fluent Bit/App Fabric etc.
  • Design and configure Fluent Bit agents for efficient log collection, parsing, and routing.
  • Troubleshoot and optimize data ingestion pipelines for performance and reliability.
  • Implement data transformation and enrichment processes during ingestion.
  • Ensure data integrity and quality throughout the ingestion process.
• Security Data Lake (AWS):
  • Design and implement robust security controls for our AWS Data Lake environment.
  • Develop and enforce data access policies and encryption standards within the data lake.
  • Monitor data lake activity for security threats and unauthorized access using AWS security services.
  • Conduct security assessments and participate in hardening the data lake infrastructure.
• SOAR (Cortex XSOAR) Operations:
  • Design, develop, and maintain security automation playbooks using Cortex XSOAR, leveraging data from the AWS Data Lake and other sources.
  • Integrate various security tools and platforms with Cortex XSOAR to automate incident response workflows triggered by data lake analytics.
  • Troubleshoot and optimize existing SOAR playbooks to improve efficiency and effectiveness based on data lake insights.
  • Develop and maintain custom integrations and scripts as needed.
• Use Case Development:
  • Collaborate with security analysts and incident responders to identify and develop new security use cases that leverage the rich data within the AWS Data Lake.
  • Translate security requirements into actionable playbooks, dashboards, and alerts, with a focus on data lake-driven insights.
  • Document and maintain security use case documentation, emphasizing data sources and ingestion methods.
  • Research and stay up to date on new attack vectors and develop data lake-centric use cases to detect them.
• Incident Response:
  • Assist in the investigation and remediation of security incidents, utilizing data lake logs and analytics.
  • Provide technical expertise during security incident analysis, focusing on data lake-related events.
• Collaboration and Communication:
  • Work closely with cross-functional teams, including data engineers, security analysts, and developers, on data ingestion and security initiatives.
  • Communicate security findings and recommendations, especially those related to data lake security and ingestion, to stakeholders.
  • Provide training and support to other team members on data ingestion processes and security tools.

Requirements:

• Experience:
  • Minimum of 4-6 years of experience in information security.
  • Significant hands-on experience designing, implementing, and managing data ingestion pipelines, with a strong emphasis on Fluent Bit.
  • Proven experience working with AWS Data Lake architecture and related services (e.g., S3, IAM, Glue, Athena).
  • Experience with Cortex XSOAR or other SOAR platforms.
  • Strong experience with Splunk or other SIEM tools.
  • Deep understanding of data lake security best practices on AWS.
  • Proficient in scripting languages (e.g., Python, Shell scripting).
  • Experience with infrastructure-as-code (IaC) tools like Terraform or CloudFormation is a plus.
• Skills:
  • Strong understanding of data ingestion methodologies and best practices.
  • Excellent analytical and problem-solving skills, particularly in troubleshooting data pipelines.
  • Solid understanding of security principles and practices.
  • Ability to work independently and as part of a team.
  • Strong communication and interpersonal skills.
  • Knowledge of common attack frameworks like MITRE ATT&CK.
• Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• Certifications (Preferred):
  • AWS Certified Data Analytics – Specialty
  • AWS Certified Security – Specialty
  • AWS Certified Data Engineer

Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.

SPE will consider qualified applicants with arrest or conviction records in accordance with applicable law.

To request an accommodation for purposes of participating in the hiring process, you may contact us at SPE_Accommodation_Assistance@spe.sony.com.