Our client, the world's leading music company, is looking for a Security Engineer to join their team in Woodland Hills, CA! This role is onsite so local candidates are required.
***This is a 3 month initial contract with the opportunity to extend or convert based on performance and business need***
This Security Engineer will report to the SVP, Global Cybersecurity & Crisis Management. This person will be responsible for identifying risks issues associated with security tools, understanding the business, strategy, and information security requirements, and recommending secure architecture aligned to business architecture. This position handles vendors that provide incident response and services, provides network and system forensics in support of investigations and global security incident response activities.
Responsibilities
Work closely within the Security Operations team to help manage, maintain, design, configure, and document security tools, systems, and processes including, but not limited to, the following:
- Administer security tools and technologies
- Maintain systems (Linux, Windows, etc.) E.g. install security patches, OS updates, etc.
- Collect and analyze systems and application security logs
- Ensure compliance with internal policies, standards and regulatory requirements
- Perform forensics activities and root cause analyses
- Review and monitor security logs from all systems (Firewalls, OS’, Email, IDS, Splunk etc...), and take action to mitigate any threats based on findings
- Conduct vulnerability assessments, review and confirm vendor suggested vulnerability remediation as needed
- Assessing and triaging potential security incidents. Coordinating and leading response to high impact security incidents.
- Lead efforts to detect and analyze malicious software and work with vendors and teams
Required Skills & Experience
- 4 year degree prefered, Associate's degree in Information Security, Industry Certification, or equivalent years of relevant work experience required
- 3+ years of systems engineering experience and cybersecurity work, preferably in an entertainment industry
- Experience with information security SIEMs, vulnerability scanners and application scanners
- Must be proficient with Linux administration
- Experience monitoring and responding to security incidents involving traditional (Windows, Mac, Linux or similar) and cloud-based infrastructure (AWS, GCP, and/or Azure or similar)
- Solid understanding and interest in recognized information security related standards, analysis frameworks (MITRE ATT&CK, Kill Chain, NIST Incident Response or similar) and technologies.
- Experience working in the entertainment industry is a huge plus!
- Exposure to DevOps is a huge plus! (Docker, Kubernetes, CI/CD, Terraform, Unix-based command line)
- Programming and scripting using Python, Linux shell scripts, regex is a plus
