Executive Director, Application Security Architect jobs in United States
cer-icon
Apply on Employer Site
company-logo

Sony Pictures Entertainment · 3 weeks ago

Executive Director, Application Security Architect

positionCulver City, CA
timeFull-time
remoteHybrid
seniorityDirector/Executive
money$205K/yr - $258K/yr
date10+ years exp

Sony Pictures Entertainment is seeking a visionary and hands-on Executive Director of Security Architecture with a focus on application security, data security, and cloud. The role involves leading the strategic design and implementation of security architecture, addressing cyber risks, and promoting secure coding practices across the organization.

ContentFilm DistributionFilm ProductionMedia and EntertainmentTV Production
check
H1B Sponsor Likelynote

Responsibilities

Develop and articulate a comprehensive security architecture strategy for application, data and cloud for Sony Pictures information and content assets
Continuously evaluate emerging threats and industry best practices to evolve our security posture
Define, document, and promote security architecture, DevSecOps, and technical standards throughout Sony Pictures
Lead the development and implementation of comprehensive security architecture strategies for application, data and cloud environments to protect against current and emerging threats
Lead hands-on design and implementation reviews of security solutions across application, data and cloud domains
Thoroughly assess security risks in existing and planned systems and infrastructure
Define technical security standards and governance processes
Lead security architecture review processes, ensuring all new systems and changes to existing systems comply with Sony’s security standards
Conduct in-depth assessments of current security architectures, identify threats and vulnerabilities, and develop mitigation strategies
Recommend design patterns and security best practices for technology and application implementations
Research, evaluate, and recommend cutting-edge security technologies and tools
Oversee proof-of-concept initiatives and guide vendor selection
Conduct market research to assess the landscape of available security solutions in specific areas (e.g., data security, cloud security, application security)
Liaise with IT and security operations teams to define and orchestrate POC testing for shortlisted security solutions
Work closely with IT infrastructure, application development, DevSecOps, and business stakeholders to embed application security principles throughout all phases of technology development and deployment
Develop and maintain security architecture documentation and standards
Collaborate with IT and business units to integrate security best practices into the development lifecycle of projects and technology initiatives
Maintain a deep understanding of security regulations and frameworks (e.g., NIST, ISO 27001, PCI DSS, OWASP, SAFECode) for designing systems and processes that not only protect data but also demonstrate adherence to industry standards and regulations

Qualification

Application SecurityCloud SecuritySecurity ArchitectureDevSecOpsNetwork SecurityCompliance FrameworksSecure Coding PracticesTechnical CertificationsLeadershipStrategic ThinkingCommunication SkillsProblem-solvingAdaptability

Required

Mastery of Security Architecture Principles: Deep understanding of defense-in-depth strategies, zero-trust models, identity and access management (IAM), AI Security, Product Security, Threat modeling, GPDR and privacy, vulnerability assessment techniques, DevSecOps, Secure Coding Principles and Practices
Application Security Expertise: Demonstrated experience with Full Stack WebApp/API, firewalls (WAFs), secure software development lifecycles (S-SDLCs), DevSecOps, IaC, Docker/Container Security, Data Security, static/dynamic application security testing (SAST/DAST), API security, Authentication/Authorization Best Practices, and Secure Coding Standards and Techniques
Cloud Security Expertise: Proficient in cloud security models (IaaS, PaaS, SaaS), cloud-native security tools, encryption and key management, privileged access management (PAM), security posture and compliance within cloud environments, mainly AWS and Azure
Network Security Expertise: Excellent knowledge of firewalls, intrusion detection/prevention systems (IDS/IPS), network segmentation, VPNs, network access control (NAC), DMZ design, and DDoS mitigation
Proficiency in Major Frameworks: Demonstrated knowledge of NIST Cybersecurity Framework, ISO 27001/27002, PCI DSS (if handling payment card data), OWASP, SAFECode, and other relevant entertainment industry guidelines such as TPN and MotionLabs
Translation to Practice: The ability to take concepts from frameworks and benchmarks and apply them practically to the design of security solutions. This includes mapping controls, risk assessment techniques, and documentation in alignment with standards
Leadership: Strong ability to lead, motivate, and develop a team of security professionals. Foster a collaborative and results-oriented environment
Strategic Thinking: Capacity to align security objectives with Sony broader business and Cybersecurity goals, effectively quantifying risks and prioritizing initiatives for optimal impact
Communication and Influence: Excellent written and verbal communication skills. The ability to translate technical concepts for non-technical audiences and secure buy-in at the executive level
Problem-solving: Analytical mindset with demonstrated adeptness in solving complex security challenges
Adaptability: Ability to thrive in a dynamic, fast-paced environment where technologies and threat landscapes rapidly evolve
Bachelor's degree in Computer Science, Information Security, or a related field
Minimum of 10+ years of progressive experience in cybersecurity, application security engineering, with at least 5+ years in a security architecture leadership role with hands-on experience

Preferred

Advanced technical certifications strongly preferred (CISSP, CCSP, CSSLP, OSCP, or vendor-specific architecture and security certifications)

Benefits

Annual incentive
Comprehensive benefits

Company

Sony Pictures Entertainment

twittertwittertwitter
Glassdoor4.0
company-logo
Sony Pictures Entertainment (SPE) is a subsidiary of Sony Entertainment Inc., a subsidiary of Tokyo-based Sony Corporation. It is a sub-organization of Sony.
dateFounded in 1987
location
Culver City, California, USA
people-size5001-10000 employees
web-link
http://sonypictures.com

H1B Sponsorship

Sony Pictures Entertainment has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (290)
2024 (258)
2023 (208)
2022 (279)
2021 (210)
2020 (213)

Funding

Current Stage
Late Stage
Total Funding
$1M
2000-11-07Series A· $1M

Leadership Team

T
Tom Bernard
Co-President and Co-Founder of Sony Pictures Classics
linkedin
leader-logo
Jake Zim
Senior Vice President Virtual Reality
linkedin

Recent News

The Hollywood Reporter
Sony Buys Majority Stake In ‘Peanuts’ IP for $460 Million
2025-12-19
Newsfile
WildBrain to Sell Its 41% Stake in Peanuts to Sony for $630 Million
2025-12-19
Mediagazer
Sony Pictures Entertainment and Sony Music Entertainment (Japan) agree to buy WildBrain's 41% stake in Peanuts Holdings for ~$457M, raising Sony's slice to 80% (Todd Spangler/Variety)
2025-12-19
Company data provided by crunchbase