Staff Cloud Security Engineer

OverviewProvide cloud security capabilities that are proactive, preventive-focused models that address modern threats, including those driven by AI-enabled attack techniques. Expanding into next-generation security domains such as AI/ML security, container security, and advanced threat detection and response.We are seeking a highly experienced Cloud Security Engineer (Staff) to define and drive security architecture, strategy, and engineering practices across multi-cloud and hybrid environments. This role will serve as a technical leader responsible for securing cloud-native and AI-driven systems at scale while influencing security outcomes across multiple teams and departments.Key ResponsibilitiesDefine and drive cloud security strategy, architecture standards, and technical roadmaps across cloud and AI-enabled environmentsLead the design and implementation of preventative security controls, leveraging automation and AI-driven capabilities to reduce risk and improve detection and responseArchitect and secure complex multi-cloud and hybrid environments across AWS, Azure, GCP, and on-premise infrastructureDefine and implement security architecture for AI/ML workloads, including model pipelines, data protection, and AI-integrated applicationsIdentify and establish controls to mitigate AI-specific risks such as prompt injection, data poisoning, model leakage, and adversarial inputsInfluence security and engineering practices across multiple teams and departments, driving adoption of secure-by-design principlesOwn the security outcomes of key cloud and AI initiatives, ensuring successful delivery and measurable risk reductionEstablish and evolveDevSecOps and Infrastructure-as-Code (IaC) security standards, integrating security controls into CI/CD pipelines at scaleDrive adoption and optimization ofCNAPP platforms and related tooling to improve risk visibility and remediation across cloud, container, and AI environmentsDefine and implement security architecture for containerized platforms (Kubernetes/EKS/GKE/AKS), including cluster hardening, workload isolation, image supply chain security, and runtime protection controlsLead the evolution ofdetection and response capabilities, integrating cloud telemetry, Cloud EDR, and advanced security analyticsConduct and guidethreat modeling and risk assessments (Attack Surface Management, Data Security Posture Management, etc.) for complex cloud-native and AI-enabled systemsArchitect and deliverautomation frameworks and security services to improve scalability and operational efficiencyProvide technical leadership and mentorship to engineers, influencingdepartment-level goals and technical directionQualificationsBachelor’s or Master’s degree in Computer Science, Information Security, or related field (or equivalent experience); typically12+ years of relevant experienceProven experience defining and securinglarge-scale cloud and hybrid architectures (AWS, Azure, GCP, On-Premise)Deep expertise incloud security architecture, including IAM, network segmentation, encryption, and secure design patternsStrong programming and automation experience, with the ability to design and scalesecurity engineering solutionsExtensive experience implementingDevSecOps practices and securing Infrastructure-as-Code (IaC) workflowsExpertise working withcontainer technologies (Kubernetes, Docker, EKS, GKE, AKS)AI / ML Security ExpertiseDeep understanding of security risks in AI/ML systems, includingprompt injection, data poisoning, model leakage, and adversarial inputsExperience defining and securingAI/ML architectures, including training pipelines, inference systems, and AI-integrated applicationsStrong knowledge ofdata security and privacy controls in AI systemsFamiliarity with frameworks such asOWASP Top 10 for LLMs andNIST AI Risk Management FrameworkExperience securing advanced AI patterns such asLLM integrations, APIs, MCPs, RAG pipelines, or model services (preferred)Security Tooling & OperationsExperience leading implementation and adoption ofCNAPP platformsDeep understanding ofcloud detection and response, IaC scanning, and runtime protectionStrong background insecurity prevention, detection, and response strategyAdditional ExperienceExperience designinghighly scalable, resilient, and secure architectures across application, network, and data layersExperience influencing technical direction acrossmultiple teams or departmentsRelevant certifications (e.g.,ISC2, GIAC, AWS, Azure, GCP) preferredExperience working acrossmulti-OS and distributed environmentsPlease refer to our Candidate Privacy Notice for more information about how we process your personal information, and your data protection rights.Equal Opportunity StatementSony is an Equal Opportunity Employer. All persons will receive consideration for employment without regard to gender (including gender identity, gender expression and gender reassignment), race (including colour, nationality, ethnic or national origin), religion or belief, marital or civil partnership status, disability, age, sexual orientation, pregnancy, maternity or parental status, trade union membership or membership in any other legally protected category.We strive to create an inclusive environment, empower employees and embrace diversity. We encourage everyone to respond.PlayStation is a Fair Chance employer and qualified applicants with arrest and conviction records will be considered for employment. #J-18808-Ljbffr