Cybersecurity Engineer

Overview

What We Do/Project

The Security Engineering team empowers the Global Information and Content Security (GICS) teams by supporting the Security Engineering, Security Architecture, Threat Detection and Response, and other Security teams/functions through the deployment, management, and maintenance of shared, reliable, and extensible security platforms/systems. The security engineer plays a key role in the GICS security engineering team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date.

Ideal candidates will have a mixture of security and systems engineering backgrounds to ensure that business processes are configured correctly and that security best practices are designed and implemented.

• Implement design reviews to evaluate security controls
• Identify and communicate opportunities to enhance our security posture
• Build and / or manage enterprise security platforms effectively
• Communicate effectively across all levels of management to articulate security goals and vision
• Build and / or manage enterprise security platforms effectively (SAAS, on premise or in Cloud)
• Communicate effectively across all levels of management to articulate WBD security goals and vision
• Have a team player mentality; strive to contribute to team cohesion however can work independently if the need arises
• Plan, design, engineer and implement security-related technologies
• Understand technical security issues, their implications within business units and able to effectively communicate them to management and other business leaders
• Configure, troubleshoot, and maintain security infrastructure – including software and hardware in cloud environments, as well as on-premises
• Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement
• Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals
• Research and explore emerging security technologies and determine their appropriate use within the company
• Prepare, document, and create standard operating procedures and protocols
• Crosstrain and mentor other team members as needed

• Implementing advanced cyber security technology in a complex environment
• 8+ years of experience;
  Hands-on experience in security engineering, hands-on experience in building, designing, and maintaining enterprise security tools
• Scripting experience (using Python, Go, or other equivalent languages)
• 8+ years of experience
• Hands-on Experience with automation technologies
• 5+ Years of experience;
  Terraform, Ansible, Cloud Formation, etc.
• Linux Experience
• 8+ years of experience;
  Ability to construct and maintain complex network infrastructures

• Engineer and administer security platforms including SIEM/SOAR systems, endpoint detection and response, vulnerability management, anomaly detection, and cloud analysis
• Experience in managing the Brinqa vulnerability management platform and experience with Groovy programming language
• Must have 5+ years of scripting experience (using Python or other equivalent languages)
• Hands-on Experience in public cloud infrastructures like AWS (Amazon Web Services)

• Security and Cloud certifications are a plus. (CISSP, Splunk Admin, AWS Solution architect)
• Media/entertainment or distributed global network experience

• Hands-on technical experience with networking and computing system architectures, specifically, the security aspects thereof
• Thorough understanding of information security principles, techniques, policy frameworks, and best practices
• Hands-on technical experience with compliance and regulatory frameworks and how they affect architecture designs and review

• Sourcing out of MD – Silver Spring, DC, or ATL
• Open to remote, although not preferred
• Hybrid schedule is ideal

#DICE