We are looking for a Staff Cyber Security Engineer to be part of our NBCU Security Architecture team, focused on emerging technologies including AI. This Staff Cyber Security Engineer will partner with the various NBCUniversal businesses, enterprise IT, and Cyber Security organization to ensure technology is designed and deployed securely and aligned with Cyber Security and enterprise technology strategies. This individual will function as a security subject matter expert with broad knowledge ac... more details
Job Description
We are looking for a Staff Cyber Security Engineer to be part of our NBCU Security Architecture team, focused on emerging technologies including AI. This Staff Cyber Security Engineer will partner with the various NBCUniversal businesses, enterprise IT, and Cyber Security organization to ensure technology is designed and deployed securely and aligned with Cyber Security and enterprise technology strategies.
This individual will function as a security subject matter expert with broad knowledge across various domains, embedded with engineering teams delivering solutions for NBCUniversal. Initially the primary focus will be on security controls applicable to AI systems and other emerging technologies. You must be cognizant of the wide variety of threats all systems must be protected against and developing threat models and control strategies that are fully integrated into the design, development, and operation of new and evolving technology platforms. The analysis will involve collaboration across the Cyber organization, partnership with business stakeholders, and will result in security guidance and/or mitigation requirements.
Finally, you will effectively communicate the importance of key Cyber programs and services to obtain support, trust and buy-in from business and technology teams to ensure security goals are being met.
Qualifications
Basic Requirements:
8+ years of experience partnering with business and technical teams to architect secure products and maintain a secure posture throughout their lifecycle
Ability to explain common threats to components including Network, Cloud, Web and Application environments and design mitigations with context of product and business needs
Some knowledge and awareness of ML and generative AI technologies, including common security concerns and mitigations
Knowledge of best practices in the Cyber Security industry, including OWASP Top 10 and CWE/SANS Top 25
Advanced technical knowledge in one or more security domains, with specific expertise designing complex systems and mitigating significant risk
Ability to give and receive constructive feedback in a team environment, fostering a culture of continual improvement and excellence
Willingness to provide mentorship to more junior members of the team
Strong written/verbal communication and presentation skills with the ability to tailor to both technical, and non-technical audiences
Constant learner, actively experimenting and working with new technologies with quick instincts for picking up and developing expertise in new problem domains
Experience developing and documenting security guidelines or security best practices
Excellent time management skills to appropriately prioritize multiple concurrent projects
Desired Characteristics:
Formal Degree is not required, relevant experience in the above-mentioned areas prioritized
Experience performing Threat Analysis and modeling leveraging best in industry frameworks such as MITRE ATT&CK, indicating your proficiency in implementing robust security measures
Familiarity with security control frameworks such as Cloud Security Matrix, NIST CSF, CIS Critical Security Controls
In-depth knowledge of generative AI platforms such as Azure OpenAI services and various models including GPT-4, Llama, Midjourney and the underlying technologies and safety and security risks
Understanding of various data and privacy regulations, including PCI DSS, SOX, HIPAA, GDPR, CCPA
In depth knowledge of common Cloud services and platforms (IaaS, PaaS, SaaS)
A firm understanding of Cybersecurity Engineering/Operations, Incident Response, and GRC functions
Empathy for engineering teams with the ability to balance security guidelines and policies with operational needs to maintain desired end-state corporate security posture
Additional Requirements:
Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence.
This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $130,000 - $170,000 (bonus eligible)
We are accepting applications for this position on an ongoing basis.
Additional Information
NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations by emailing [email protected].
Job Abstracts is an independent Job Search Engine. Job Abstracts is not an agent or representative and is not endorsed, sponsored or affiliated with any employer. Job Abstracts uses proprietary technology to keep the availability and accuracy of its job listings and their details. All trademarks, service marks, logos, domain names, and job descriptions are the property of their respective holder. Job Abstracts does not have its members apply for a job on the jobabstracts.com website. Additionally, Job Abstracts may provide a list of third-party job listings that may not be affiliated with any employer. Please make sure you understand and agree to the website's Terms & Conditions and Privacy Policies you are applying on as they may differ from ours and are not in our control.
We would like to take a second to Welcome You to Job Abstracts, the nation’s largest Pure Job Board. With over 3.1 million job listings from 15,000+ Companies & Organizations, we help job searchers find careers that match their interests. As an anonymous user, you have probably discovered how easy our system is to use. However, you have just scratched the surface of what we can offer.
We encourage you to Register so you can use our most powerful features: searching with multiple terms, setting up multiple locations, establishing favorite companies, and accessing your search history. If you find a job you like, you can apply directly for it, and then, keep notes on it. We will also keep a lookout for jobs that match your search terms and email you when we find something you may like.
You can register for free and the system is free to use. If you like our system so far, click on Register and unlock the power required by serious job searchers.
Any time you conduct a search, the system shows you job matches, ranked by their Relevance Score (RS).
The score is calculated by a proprietary algorithm that uses Intelligent Machine Learning.
The Relevance Score tells you how well the job opportunity matches your search term or terms.
When not logged in, the system is limited to one search term. Scores for single term matches are usually lower.
When you register, log in, and set up multiple terms prioritized by importance, the jobs found for you will receive a much higher Relevance Score.