Depois do grupo Sony ter sido hackeado 14 vezes e mais de US$ 170 milhões perdidos, ele abriu vagas de emprego na procura do seguinte perfil e qualificações básicas:

Sr Application Security Analyst-22681

  • Bachelor’s degree in computer science is required or equivalent
  • Must have 4 to 5 years of related experience
  • Knowledge of networking and client/server computing such as: Routing, Switching, Firewall, Extranet and DMZ security, customer-facing experience
  • Hands on experience with running Vulnerability Assessment tools such as Qualys, Nessus, Appscan, Web Inspect, AppDetective or others. Ability to understand and interpret vulnerabilities and communicate remediation actions to appropriate staff
  • Knowledge of SANS Top 25 and OWASP Top 10 vulnerabilities
  • Intermediate level of development experience with one of the web languages such as PHP, .NET, JAVA, HTML, Perl, Python, Ruby on Rails etc is required
  • Knowledge of Security in the Software Development Life Cycle (SDLC) assessing security in Business Requirements, Use and Abuse Cases and Threat Modeling
  • Information Security Incident Handling and Response is highly desirable
  • Ability to rapidly learn new technologies and business functions
  • Outstanding communication and negotiation skills are essential
  • Good analytical skills and the ability to multi-task
  • Able to work independently and in a team environment
  • Detail oriented
  • Solid understanding of information technology and information security practices, including the areas of host security, platform architecture, network perimeter security, intrusion detection/prevention, application security modeling, physical security, systems integrity, and disaster recovery
  • Strong project management skills, including the ability to interact with a wide range of internal staff members and external professionals, including regulators, consultants, auditors, legal counsel, ethics, and others
  • CISSP certification, and/or SANS GIAC certification in one or more areas desired.

Finalmente algum diretor de TI da Sony deve ter ouvido os milhões de usuários nerds que eles possuem. 🙂

Em contra partida e o mais engraçado foi que George Hotz, o carinha de 21 anos que destravou o PS3, está agora trabalhando no time de desenvolvimento para Facebook. Ele está no projeto de desenvolvimento de uma aplicação do Facebook para rodar no Ipad. Será a apple a próxima vítima do ?GeoHot ?