Senior Analyst, Digital Forensics Response
Herndon, VA

Job Description

Sony Corporation of America, located in New York, NY, is the U.S. headquarters of Sony Corporation, based in Tokyo, Japan. Sony's principal U.S. businesses include Sony Electronics Inc., Sony Mobile Communications (USA) Inc., Sony Interactive Entertainment LLC., Sony Pictures Entertainment Inc., Sony Music Entertainment, and Sony/ATV Music Publishing LLC. With some 900 million Sony devices in hands and homes worldwide today, a vast array of Sony movies, television shows and music, and the PlayStation Network, Sony creates and delivers more entertainment experiences to more people than anyone else on earth. To learn more: www.sony.com.

Position Summary:

Sony Corporation of America (SCA) is seeking a highly motivated, self-driven Senior Analyst, Digital Forensics Response to join the Global Security Incident Response Team (GSIRT) - Security Operations Center (SOC), responsible for security event analysis, forensic analysis, incident response, and related activities. This position will be located in Herndon, VA and will report to the Senior Manager, Analysis and Response. This position will be responsible for covering an afternoon shift.

Responsibilities:

* Perform security monitoring and incident response activities across the Sony Group's global networks, leveraging a variety of tools and techniques
* Conduct computer forensic examinations, including preservation, acquisition, and analysis of digital evidence
* Operate independently in a geographically dispersed team, while maintaining situational awareness and keeping the team up to date
* Detect incidents through proactive "hunting" across security-relevant data sets
* Investigate computer intrusions focusing on initial infection vector determination., damage assessment, and creation and identification of new indicators of compromise (IOC's) which are fed back into a larger detection pipeline
* Thoroughly document incident response and forensic analysis activities
* Review investigations conducted by more junior analysts to ensure quality standards are met
* Develop new, repeatable methods for finding malicious activity across the Sony Group's global networks
* Provide recommendations to enhance detection and protection capabilities
* Regularly present technical topics to technical and non-technical audiences
* Write high-quality incident and forensic reports for executives
* Develop and follow detailed operational processes and procedures to appropriately analyze, escalate, and assist in the remediation of information security incidents
* Prioritize multiple high-priority tasks and formulate responses/recommendations to customers and team members in a fast-paced environment
* Provide assistance to other security teams
* Continually develop new technical skills and push overall team capabilities forward
* Engage with and mentor other team members
* Perform other duties, as assigned

Qualifications:

* Minimum of 5 years of experience in Information Technology with at least 3 years of experience in Information Security
* Bachelors in Information Technology, Engineering, Cybersecurity or related field or equivalent experience
* Experience working remote full time or experience working on a geographically dispersed team
* Hands-on experience in a Security Operations Center environment conducting network, host, or threat analysis
* Experience analyzing raw log files, particularly logs from network or host-based security tools
* Experience analyzing packet captures
* Experience performing forensic examinations of hard drive and memory images, including the preservation, acquisition, and analysis of digital evidence
* Deep understanding of network defense principles, common attack vectors, and attacker techniques
* Advanced technical skills and the ability to develop a mastery of network and host security technologies
* Strong work ethic and commitment to accomplish assigned tasks with a sense of urgency
* Strong aptitude for continuous learning and growth
* Experience teaching yourself technical subjects
* Comfort with using the Linux command line
* Experience with at least two programming or scripting languages
* Experience with the following technologies or concepts:
* SIEM or other security/log management platforms
* Email analysis
* Regular expressions
* IDS/IPS
* Firewalls
* Virtualization
* Common TCP and UDP protocols


* Hands-on experience performing the following types of analyses:
* Memory forensics
* File system forensics (exFAT, NTFS, HFS, HFS+, EXT2/3/4, RAID)
* Network forensics, including protocol and traffic analysis
* Cloud forensics, including multi-tenant distributed environments (AWS, IBM, etc.)
* Malware analysis
* Registry analysis
* Internet history analysis
* Metadata extraction and analysis
* Strong soft skills, including:
* Verbal and Written communication
* Analytical
* Problem solving
* Decision making
* Task prioritization


* All candidates must be authorized to work in the USA

Sony is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, sex (including pregnancy), gender, national origin, citizenship, ancestry, age, physical or mental disability, military status, status as a veteran or disabled veteran, sexual orientation, gender identity or expression, marital or family status, genetic information, medical condition, or any other basis protected by applicable federal, state, or local law, ordinance, or regulation.