Sony Music Entertainment

  • Information Security Program Manager

    Location US-NY-New York
    Posted Date 5 months ago(8/31/2018 1:14 PM)
    Job ID
    # Positions
    Information Technology - Other
  • Overview

    Sony Music Entertainment is a global recorded music company with a roster of current artists that includes a broad array of both local artists and international superstars, as well as a vast catalog that comprises some of the most important recordings in history.  Sony Music Entertainment is a wholly owned subsidiary of Sony Corporation of America.


    Sony Music is committed to providing equal employment opportunity for all persons regardless of age, disability, national origin, race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, veteran or military status, genetic information or any other status protected by applicable federal, state, or local law.


    Sony Music is seeking an Information Security professional to join the Global Information Security organization located in New York. This position will be a part of the team responsible for implementing and maintaining an enterprise-wide risk and compliance strategy to secure Sony’s information assets, services, and the products that depend on them, building trust with customers and stakeholders, and protecting the privacy of Sony’s customers and employees.


    The ideal candidate is a driven team-player with experience working in a dynamic environment and the ability to wear multiple hats in the information security realm.  Candidate should have a proven history of policy design and security awareness delivery in one or more security domains. The candidate should have experience in risk management techniques including control assessments, gap analysis, external or internal audit, risk management concepts and risk assessment methodologies. Candidate should be able to leverage multiple forms of communication to articulate complex concepts with proficiency to both technical contributors and executive management.  


    Will include, but are not limited to:

    • Provide management reports, dashboards, and detailed presentations for senior management and business leaders and clearly demonstrate an understanding of risks and findings
    • Develop and manage security compliance dashboards and reports for internal stakeholder
    • Manage compiling weekly, monthly and quarterly metrics and reporting with regard to the current state of SME’s information security program and specific projects/activities
    • Monitor and participate in mid-range planning exercises and risk and metrics committees
    • Evaluate the design effectiveness of controls based upon industry best practice models
    • Perform activities to measure and monitor successful implementation
    • Manage and deliver security enhancement projects
    • Facilitate risk assessments, maturity assessments, and evaluation of controls and measurements against policies, standards and processes


    • Minimum 3 years’ experience in information security control assessments, audit, or compliance
    • Bachelor’s degree, preferably in Computer Science or a related field, such as business administration or management information systems, or equivalent experience
    • Big 4 experience preferred (Deloitte, PwC, KPMG, E&Y)
    • CISSP, CISM, CAPM, PMP, Lean Six Sigma, PRINCE2, or ITIL certification(s) preferred
    • Track record of independently performing information security assessments or IT / ISO audits.
    • Knowledge of project and program management preferred
    • Experience with GRC tools, such as RSA-Archer preferred
    • Significant experience with MS Office, especially Excel and PowerPoint, required
    • Ability to address multiple assignments simultaneously, with strong ability to prioritize tasks and respond to dynamic priorities
    • Excellent writing and analytical skill set
    • Strong research skills with a keen attention to detail
    • Adept at learning new technologies
    • Strong written and verbal communication skills and the ability to interact well with different levels within the organization
    • Ability to host, present, and facilitate meetings to all levels of management including Chief Information Officers, Chief Technology Offers and their direct reports
    • Ability to work well in a collaborative, team oriented environment
    • Excellent organizational skills



    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed