Cybersecurity Analyst III (PSIRT)

REQ: REQ-112008 IT

  • Lake Forest, CA, United States
Apply Apply

About PAC:
Who We Are: Panasonic Avionics takes entertainment to new heights. We’re the world’s leading supplier of (IFEC) inflight entertainment and communications systems that allow airborne passengers to get their fix of live TV, movies, music, interactive games, maps, and much more! We make traveling on airplanes more exciting!

What We Value:
As an organization, we value people who are motivated and driven. We value a collaborative work environment that enhances careers and positively impacts society. We value our diverse work culture committed to delivering products and achieving high results. Seeing our products bring delight to others is just one way we measure success.

Why You Should Join:
A job is only part of what we offer. See how you can flourish in a career while getting the support and resources from some of the most talented people in the industry. You will work on technology that makes traveling the world that much better. Lastly, you will be rewarded with world class benefits and competitive wages. Come aboard, we’ve been expecting you!

JOB SUMMARY

The Panasonic Cybersecurity Risk Management (“PCRM”) organization was created to strategically enable the business mission of enhancing the passenger experience, improving operational efficiencies, and generating business opportunities.

Our mission is to protect the Panasonic brand and reputation, digital processes and technologies, data and intellectual property, and the customer data under its custodianship.

The scope is global in nature and achieves it’s mission by developing and operating, programs to identify, prioritize, communicate, measure, and drive to closure, cybersecurity risk across the enterprise and its portfolio of NEXT generation products and services.

To support this focus, Panasonic seeks a candidate for the position of Cybersecurity Analyst. The Cybersecurity Analyst for the Product Security Incident Response Team (PSIRT) will support the incident response process for product security. The best candidates for the role possesses one or several of the following characteristics: a background in incident response, product security, vulnerability validation and replication, secure development practices, working in a large matrixed organization, and/or the decision-making skills to handle the fast-paced world of incident response.

The Cybersecurity Analyst must be comfortable working in a dynamic, flexible, fast paced environment and is expected to partner with other cybersecurity program focals, information technology organizations, network operation centers, software development teams, product management, security researchers, law enforcement, and business stakeholders, to manage, and drive forward security projects in support of the incident response program.

RESPONSIBILITIES

Program Management

  • Responsible for coordination of product vulnerability management for software products and the support of the incident response processes spanning a wide range of products, from embedded software to mobile and cloud applications.
  • Work internally and cross functionally with all PSIRT stakeholder executives, technology leaders, software engineers, DevOps, customer support, legal, external security researchers, external partners (e.g. customer, OEM, business partners, A-ISAC), to drive product vulnerability issues to closure.
  • Collaborate with software development, operational technology (OT) operations, risk management, quality teams, and external partners (e.g. customer, OEM, business partners, A-ISAC), providing them with information on discovered vulnerabilities, as well as driving assessment and mitigation activities ensuring cybersecurity risk is addressed to an acceptable level for the business.
  • Maintain connections with vendors and customers, staying aware of newly discovered vulnerabilities and driving coordinated vulnerability disclosure process.
  • Stay abreast of the cybersecurity threat landscape to bring awareness of their applicability to Panasonic products and work on resolving those threats and improving product security posture.

Outreach & Communications

  • Cultivate working relationships with customer/OEM product security focals, internal teams, external researchers, reporting organizations and customers to ensure effective collaboration. Work with customer facing and internal teams to continually improve processes used to identify and fix product security vulnerability issues.
  • Collaborate with software development, operational technology (OT) operations, risk management, quality teams, and external partners (e.g. customer, OEM, business partners, A-ISAC), providing them with information on discovered vulnerabilities, as well as driving assessment and mitigation activities ensuring cybersecurity risk is addressed to an acceptable level for the business.
  • Draft and publish product security advisories and support a Panasonic responsible disclosure process for new threats and vulnerabilities.
  • Support post-incident communcations and reviews for presentation to management and/or external stakeholders.

KNOWLEDGE/SKILL REQUIREMENTS 

  • Experience performing vulnerability management and incident response activities is highly preferred.
  • Strong foundation in developing, implementing, and managing a security project or program.
  • Proven ability to understand and discuss technical cybersecurity concepts and be able to interact with various levels in an organization from engineering to executive management.
  • Experience with the software development lifecycle, agile development methdologes, and application security process integration.
  • Knowledge of collaboration software such as Atlassian software suite, Teamforge, IBM Rational, and JIRA.
  • Knowledge of the following ISO standards: 30104, 29147, 29100 or similar process.
  • Demonstrated experience in leading and executing security projects in at least 3 or more of the following domains platform security, application security, network security, infrastructure, cloud security, data security and identity and access management.
  • Expert knowledge of OWASP Top 10, CVE, CVSS 3.0 as well as ability to recognize and understand various types of application, infrastructure and protocol vulnerabilities.
  • Excellent written and verbal communication skills, with experience presenting to executive audience.
  • Ability to collaborate in a very fast paced environment.
  • Ability to track and lead numerous parallel activities.
  • Ability to work effectively in fluid environments.
  • Ability to engage with and influence people at all levels.
  • Ability to interface and coordinate with many teams simultaneously.
  • Ability to evaluate processes to see where changes can be made or improved.
  • Ability to build relationships and influence individuals at all levels, as well as external security.

EDUCATION/EXPERIENCE REQUIREMENTS

  • BS degree in Computer Engineering, Computer Science, IT, Information Assurance, or related field or 3 years of related technical experience.
  • Ability to obtain SANS GCTI certification within 12 months of employment
  • Awareness of the latest IT and OT security trends and developments
  • Strong analytical & evaluative thinking
  • Strong interpersonal skills
  • Strong written and verbal communication skills
  • Nice to have International work experience and cultural appreciation

OTHER REQUIREMENTS

  • May be required to travel up to 25% domestically and/or internationally.

Panasonic is proud to be an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, and any other characteristic protected by law or company policy.  All qualified individuals are required to perform the essential functions of the job with or without reasonable accommodation. Pre-employment drug testing is required for safety sensitive positions or as may otherwise be required by contract or law. Due to the high volume of responses, we will only be able to respond to candidates of interest. All candidates must have valid authorization to work in the U.S. Thank you for your interest in Panasonic Corporation of North America.

 

#LI-SR1

REQ: REQ-112008 IT

  • Lake Forest, CA, United States
Apply Apply

As a global policy, Panasonic does not recognize resumes or other application materials submitted from staffing agencies and search firms outside of our system. Therefore, please do not submit resumes or other application materials through the external Panasonic web site or directly to our employees. Any resumes or other application materials submitted through the external web site or directly to employees of Panasonic or any of its subsidiaries or affiliates will not be eligible for any agency fee, and the resume and other application materials will be added to our database for direct recruitment.

Panasonic assigns only certain positions to approved staffing agencies and search firms that have a current agreement with Panasonic in place. Not all positions are eligible for an agency fee.