Cloud Security Engineer
About the role
Why Sony Interactive Entertainment?
Sony Interactive Entertainment isn’t just the Best Place to Play — it’s also the Best Place to Work. Sony Interactive Entertainment (SIE) is the company behind the PlayStation brand. As a subsidiary of Sony Group Corporation, we’re part of a proud legacy of innovation and excellence. SIE is a dynamic technology company, delivering cutting-edge hardware and network services to more than 100 million people and an entertainment leader, home to some of the most beloved and recognizable intellectual properties (IP) in the world. Our role at SIE is to create and nurture the experiences under the PlayStation brand, a name synonymous with entertainment excellence and creativity.
Cloud Security Engineer
We are looking for an inspirational and hardworking person to join the Platform Hosting Cloud Security Engineering team at SIE! You'll be joining a team of innovative engineers who are unified in their mission to make PlayStation the best and most secure gaming platform. This support is fulfilled by minimizing impact to the platform while ensuring security needs are met. This role is highly technical and requires a shown grasp of security principles and how they are applied to production environments. You will assist in the planning, building, development, testing, and management of security tools and processes that provide protection and visibility of our cloud environments.
Key Responsibilities
Service Mesh & API Security
- Deep expertise with service mesh architectures (e.g., Istio, Kong), to enable secure & reliable east-west service communication
- Extensive experience managing and configuring API gateways (e.g. Kong, Amazon API Gateway) for internal and external services, including:
- Authentication and authorization through OIDC, OAuth2, JWT, and mTLS
- Secure API exposure and traffic governance
Certificates & mTLS Management
- Strong experience managing PKI and certificate lifecycles, including issuance, rotation, and revocation
- Practical experience deploying and managing mTLS within distributed systems and Kubernetes workloads
- Experience integrating certificate authorities (CAs) and automating certificate management (e.g., cert-manager or similar tools)
- Understanding of trust models and certificate chain validation in zero-trust environments
Security Hardening & Zero Trust
- Strong background in security hardening and zero-trust architecture, including:
- Enforcing default mTLS across workloads
- Carrying out infrastructure-level authentication and authorization