Senior Cloud Security Engineer
Metro-Goldwyn-Mayer Studios Inc
Culver City, CAThis was removed by the employer on 4/14/2021 11:08:00 AM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Search for Senior Cloud Security Engineer jobs in Culver City-CA
Search all Senior Cloud Security Engineer postings
Full Time Job
Metro-Goldwyn-Mayer Studios Inc. ("MGM") is seeking a Senior Cloud Security Engineer to help expand our security organization. The ideal candidate will have a strong understanding of the cloud security epics and adoption frameworks. Experience with codifying security to implement and manage directive, preventive, detective, and responsive controls.
The Team: We're an enthusiastic group of hackers who have a passion for protecting our storytellers, creatives, workforce, content and over 96 years of Hollywood history. We pride ourselves on being innovative and progressive in all areas of information and cybersecurity. Our mission is to build frictionless security to support business enablement. Inclusiveness and empowerment are part of our ethos to elevate our team and the infosec community. Our ideal candidate can find creative ways to solve complex security challenges and not be afraid to try new things. Be willing to share their knowledge and empower others.
Responsibilities:
• Help build and maintain a consistent and advanced security infrastructure, responsible for the delivery of media content internally and externally. This includes but not limited to; identity, endpoint security, cloud security, data and privacy protection, email security, SASE, and other tooling within the security infrastructure.
• Design and build playbooks for security orchestration, automation and response (SOAR).
• Leverage cloud native security services such as AWS CloudTrail, CloudWatch, Shield, GuardDuty, Lambda, Macie, and more.
• Participate as a member of the incident response team.
• Work closely with the Media Technology Group (MTG) and AppSec to harden environment.
• Provide guidance and work closely with MTG Architecture Team to secure applications, microservices, containerization, and other cloud native workloads in AWS, Azure and GCP.
• Help drive the AWS Security Epics program.
• Assist in documenting policies, standard operating procedures, and security reference architectures.
• Participate in on-call rotation and work closely with 24/7 SOC.
Requirements:
• 3 years of experience as a Cloud Security Engineer or equivalent in information security.
• Experience in Python, JS and other modern programming languages.
• Experience building SOAR playbooks using technologies such as Phantom, Demisto, TheHive, Swimlane, etc.
• Experience with AWS and Azure. GCP familiarity is a plus.
• Experience with incident response handling.
• Experience with vulnerability and threat management for ephemeral workloads.
• Experience with CIS, NIST, and other frameworks for on-prem and cloud environments.
• Experience with identity providers such as Azure, Okta, Ping, etc.
• Experience with the MITRE ATT&CK framework.
• Experience with DevSecOps, SDLC, CI/CD, and infrastructure as code principles and toolsets.
• Experience with microservices and containerization.
• AWS certifications a plus.
• Participation experience in industry events such as DefCon, BSides, ShellCon, etc a plus.
• Participation in CTF events highly desired specifically Blue and Red Team challenges.
• Knowledge of Zero Trust and FIDO2.
#sbj