Cloud Security Engineer

Why Sony Interactive Entertainment?

Sony Interactive Entertainment isn't just the Best Place to Play - it's also the Best Place to Work. Sony Interactive Entertainment (SIE) is the company behind the PlayStation brand. As a subsidiary of Sony Group Corporation, we're part of a proud legacy of innovation and excellence. SIE is a dynamic technology company, delivering cutting-edge hardware and network services to more than 100 million people and an entertainment leader, home to some of the most beloved and recognizable intellectual properties (IP) in the world. Our role at SIE is to create and nurture the experiences under the PlayStation brand, a name synonymous with entertainment excellence and creativity.

We are looking for an inspirational and hardworking person to join the Platform Hosting Cloud Security Engineering team at SIE! You'll be joining a team of innovative engineers who are unified in their mission to make PlayStation the best and most secure gaming platform. This support is fulfilled by minimizing impact to the platform while ensuring security needs are met. This role is highly technical and requires a shown grasp of security principles and how they are applied to production environments. You will assist in the planning, building, development, testing, and management of security tools and processes that provide protection and visibility of our cloud environments.

Key Responsibilities

Service Mesh & API Security

• Deep expertise with service mesh architectures (e.g., Istio, Kong), to enable secure & reliable east-west service communication
• Extensive experience managing and configuring API gateways (e.g. Kong, Amazon API Gateway) for internal and external services, including:
• Authentication and authorization through OIDC, OAuth2, JWT, and mTLS
• Secure API exposure and traffic governance

Certificates & mTLS Management

• Strong experience managing PKI and certificate lifecycles, including issuance, rotation, and revocation
• Practical experience deploying and managing mTLS within distributed systems and Kubernetes workloads
• Experience integrating certificate authorities (CAs) and automating certificate management (e.g., cert-manager or similar tools)
• Understanding of trust models and certificate chain validation in zero-trust environments

Security Hardening & Zero Trust

• Strong background in security hardening and zero-trust architecture, including:
• Enforcing default mTLS across workloads
• Carrying out infrastructure-level authentication and authorization
• Crafting and maintaining fine-grained access control policies
• Experience building and maintaining zero-trust security models across multi-cluster or distributed systems
• Write and detail security policies and practices with clear, practical mentorship to ensure understanding and effective implementation

Kubernetes Security & Access Control

• Strong experience securing Kubernetes environments, including:
• Implementing namespace isolation and protection strategies
• Crafting and enforcing access controls and policies
• Managing service accounts and workload identities securely
• Familiarity with Kubernetes security guidelines, including least privilege access, network policies, and workload segmentation

Qualifications

Technical Skills & Platform Experience

• Bachelor's degree or equivalent experience required
• Proficiency in scripting and programming languages such as Python and Go
• Demonstrated experience applying and upholding security governance frameworks, including security policy enforcement and compliance controls
• Hands-on experience working with multi-cloud environments, particularly AWS and GCP
• Strong experience with Kubernetes and containerized environments
• Build, and implement security controls and frameworks
• Experience implementing security guidelines (mTLS, OAuth2, JWT, RBAC, ABAC)
• Detect security gaps, and lead efforts to mature security tooling and operational processes
• Work closely with product and platform teams to define system requirements, engineer, and implement cloud based security applications and controls
• Write code to automate security processes which seamlessly integrate into code builds and deployments, applying DevSecOps processes and tools
• Develop, and deploy automation solutions that help audit, secure, and affect changes across multi-cloud environments
• Reviewing tools for improving platform availability using automated protection mechanisms
• Experience with monitoring and observability tools (Grafana, Datadog)
• Research and recommend new technologies and collaborates on solutions
• Excellent written and oral communication skills. Strong social skills include the ability to articulate to both technical and non-technical audiences. Also, strong analytical and problem-solving skills.
• Technical certifications or other demonstrations of passion in security and technology such as CISSP, CCSP are a plus!

Please refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights.

At SIE, we consider several factors when setting each role's base pay range, including the competitive benchmarking data for the market and geographic location.

Please note that the base pay range may vary in line with our hybrid working policy and individual base pay will be determined based on job-related factors which may include knowledge, skills, experience, and location.


In addition, this role is eligible for SIE's top-tier benefits package that includes medical, dental, vision, matching 401(k), paid time off, wellness program and coveted employee discounts for Sony products. This role also may be eligible for a bonus package. Click here to learn more.

The estimated base pay range for this role is listed below.

$158,900-$238,300 USD

Please note, Sony Interactive Entertainment conducts background checks at the offer stage for all new employees (which may include criminal background checks for some roles) and will need to process personal information to support these checks.

Please refer to our Candidate Privacy Notice for more information about what personal information we collect, how we use it, who we share it with, and your data protection rights.

Equal Opportunity Statement:

Sony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.

We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.


Sony Interactive Entertainment is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment.