NBCUniversal

Compensation

Full Description

Description: • Lead the design, implementation, and administration of core application security systems, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and cloud-native security tools like Snyk and Wiz. • Own the strategy and daily operations for application protection platforms, such as web application firewalls (WAFs), Palo Alto firewalls, and bot mitigation services. • Serve as a primary technical escalation point for complex security issues, providing expert guidance to internal engineering and development teams. • Act as the primary technical liaison for our Managed Security Service Provider (MSSP), overseeing daily operations, managing technical escalations, and ensuring service delivery aligns with Versant’s security standards. • Architect and implement resilient, scalable, and automated security solutions across a global, 24x7 enterprise. • Identify opportunities for and lead the development of automation to improve security workflows and reduce manual tasks. • Contribute to the long-term strategic roadmap for cyber defense infrastructure by evaluating emerging threats, new technologies, and the application of AI/ML for advanced threat detection. • Develop and maintain key performance indicators (KPIs) to measure the effectiveness of security controls and report on posture to leadership. • Mentor junior engineers, foster a strong security culture, and advocate for security best practices across the organization. Requirements: • Minimum 5-7 years of experience in a hands-on cybersecurity engineering role. • Demonstrated expertise in software and application security principles, including secure coding practices, vulnerability management, and DevSecOps integration. • Deep understanding of web protocols and technologies (HTTP, TLS/SSL, DNS) and network security architecture. • Extensive experience with at least one major public cloud environment (AWS, Azure, or GCP), including cloud security services and infrastructure-as-code. • Proficient in at least one scripting or programming language (e.g., Python, PowerShell) for automation and tool integration. • Excellent verbal and written communication skills, with a proven ability to articulate complex technical concepts to both technical and non-technical stakeholders. • Demonstrated ability to lead technical projects from concept to completion, solve complex problems with minimal supervision, and make sound decisions under pressure. • Bachelor’s degree in a relevant field or equivalent work experience. • Extensive hands-on experience engineering and managing security tools like CrowdStrike, Palo Alto firewalls, WAFs, Qualys, Snyk, or Wiz. • Proven experience integrating security tools into CI/CD pipelines and automating security workflows. Benefits: • medical, dental and vision insurance • 401(k) • paid leave • tuition reimbursement • variety of other discounts and perks