Overview: The Security Engineer, reporting to the SVP of Global Cybersecurity & Crisis Management, plays a critical role in safeguarding the organization’s information security infrastructure. This position focuses on identifying risks within security tools, aligning secure architecture with business requirements, and coordinating with vendors for incident response services. Responsibilities include conducting network and system forensics, supporting global security incident responses, and collaborating with IT, application teams, and business units to provide a cohesive security strategy. Strong troubleshooting skills and effective communication are essential, along with familiarity with network technologies, remote access solutions, network security, identity management, DNS, and DHCP. This role also requires sensitivity to diverse cultural and technical backgrounds and involves collaboration with the SecOps & Business Resiliency team and the Global Security Office (GSO).
Key Responsibilities:
- Work with the Security Operations team to manage, design, configure, and document security tools, systems, and processes.
- Administer and support various security technologies and tools.
- Maintain and update systems (Linux, Windows), including installing security patches and OS updates.
- Collect and analyze security logs from systems and applications.
- Ensure compliance with internal policies, standards, and regulatory requirements.
- Conduct forensic investigations and root cause analyses.
- Monitor security logs (firewalls, OS, email, IDS, Splunk) and respond to detected threats.
- Conduct vulnerability assessments and review remediation efforts recommended by vendors.
- Assess, triage, and respond to security incidents, particularly high-impact cases.
- Lead efforts to detect and analyze malicious software, coordinating with vendors and internal teams as needed.
- Oversee project lifecycles, including planning, executing, and closing security-related projects.
- Perform other duties as assigned.
Skills & Abilities:
- Proven experience as an incident responder with expertise in investigating, analyzing, and reporting on security incidents.
- Experience monitoring and responding to security incidents in both traditional (Windows, Mac, Linux) and cloud-based infrastructures (AWS, GCP, Azure).
- Strong analytical and problem-solving skills, with a solid grasp of security frameworks and standards (e.g., MITRE ATT&CK, Kill Chain, NIST Incident Response).
- Knowledge of exploits, vulnerabilities, and network attacks.
- Excellent written and verbal communication skills.
- Self-motivated and detail-oriented, with strong interpersonal and analytical skills.
- Ability to work well under pressure and manage multiple projects with tight deadlines in a global environment.
- Familiarity with security best practices and enterprise security controls for Windows, Linux, and Mac systems.
- Systems engineering and cybersecurity experience, ideally in the entertainment industry.
- Experience with SIEMs, vulnerability scanners, and application scanners.
- Proficient in Linux administration.
- Ability to construct Boolean logic and regex search strings.
- Scripting skills (Python, Linux shell) and familiarity with DevOps tools (Docker, Kubernetes, CI/CD, Terraform) are a plus.
Experience & Education:
- 3+ years of systems engineering and cybersecurity experience, preferably in the entertainment industry.
- Proficient in Microsoft Office Suite (Word, Excel, PowerPoint).
- Strong prioritization and problem-solving skills.
- Bachelor’s degree in Information Security or related field preferred; an associate degree, relevant certifications, or equivalent experience is also acceptable.
- Security or IT certification preferred.