About
Job Description
Responsibilities
Join NBCUniversal and help us build Host monitoring and protection platforms and services that enable and protect the experience of our businesses.
This role is a part of the Cyber Security Platforms team, responsible for security technology that supports the entire NBCUniversal enterprise. You'll own product strategy and service management for a key Cyber Security practice area.
You'll
* Develop, plan, and implement a strategy for continually evolving host monitoring and protection in support of our overall NBCUniversal Cyber Security vision. Create a roadmap and drive our progress along it.
* Partner with the technical operations teams to enhance, maintain and sustain our endpoint security platforms, including anti-malware, system hardening, and EDR. Deliver security services smoothly in a global, 24x7 enterprise.
* Work with architects and engineers to build the tech for your roadmap and meaningfully move the needle for our security capabilities. Lead and influence design, development, and implementation across teams.
* Understand and empathize with our Cyber Security stakeholders (such as NBC News, Universal Pictures, and Parks & Resorts). Ensure our services are real solutions that help our businesses deliver world-class content and experiences - securely.
* Be a point of a contact for engagement and escalations and keep services focused toward SLAs and key milestones. Value accountability and manage expectations deftly.
* Mentor engineers and other technologists to develop NBCUniversal's security mindset. Help them understand the domain, ask hard questions, think strategically, and grow as security professionals.
Qualifications/Requirements
* Deep technical understanding of multiple platforms, products, and concepts in the endpoint protection space such as: Exploit mitigation, anti-virus/malware, telemetry and monitoring tools, and management tooling across Windows, Linux and Mac
* Strong communication abilities, a desire to build consensus, and a comfort relaying technical and security principles and decisions to a wide range of audiences
* Experience designing and operating security tools and services at enterprise-scale
* Comfort engaging in deeply technical efforts while keeping a strategic view and staying focused on key goals
* An understanding of security risk and a willingness to make risk-based decisions balancing the urgent and the important
* A thirst for improvement and an inclination to thoughtfully challenge the status quo
* Desire to try things and iterate on them, fail fast, and focus on features that matter
Desired Characteristics
* Experience working with vendor-integrated systems and appliances, broadcast systems, open-source host protection software (Santa, osquery, etc.), or commercial EDR platforms
* Understanding threat intelligence, ATT&CK framework, Cyber Kill Chain, or the Pyramid of Pain, and how they fit into developing internal security strategy
* Orchestrating security tools across complex environments to improve IR and investigations
* Data-driven decision making, light data analytics, and metrics/data visualization
* Comfort with scripting or software development
* Exposure to security compliance requirements/frameworks such as ISO27001, PCI/DSS, NIST 800-53, etc.