[Close] 

Product & Service Owner, Web & Application Security

Responsibilities
Join NBCUniversal and help us build web and application security platforms and services that enable and protect the experience of our businesses.
This role is a part of the Cyber Security Platforms team, responsible for security technology that supports the entire NBCUniversal enterprise. You'll own product strategy and service management for a key Cyber Security practice area.
You'll
Develop, plan, and implement a strategy for continually evolving web and application security in support of our overall NBCUniversal Cyber Security vision. Create a roadmap and drive our progress along it.
Partner with the technical operations teams to enhance, maintain and sustain our application protection platforms, including web application firewalls, DDOS mitigation, content delivery networks, and application scanning and assessment tools. Deliver security services smoothly in a global, 24x7 enterprise.
Work with architects and engineers to build the tech for your roadmap and meaningfully move the needle for our security capabilities. Lead and influence design, development, and implementation across teams.
Understand and empathize with our Cyber Security stakeholders (such as NBC News, Universal Pictures, and Parks & Resorts). Ensure our services are real solutions that help our businesses deliver world-class content and experiences - securely.
Be a point of a contact for engagement and escalations and keep services focused toward SLAs and key milestones. Value accountability and manage expectations deftly.
Mentor engineers and other technologists to develop NBCUniversal's security mindset. Help them understand the domain, ask hard questions, think strategically, and grow as security professionals.
Qualifications/Requirements
Deep technical understanding of multiple platforms, products, and concepts in the appsec space such as: HTTP, TLS, SSL, etc., WAF toolkits Cloudflare, Akamai, AWS, and F5 , application vulnerability identification and mitigation - you don't have to be a developer, but you do have to know how software breaks and what we can do about it, logging, and authentication/authorization controls
Strong communication abilities, a desire to build consensus, and a comfort relaying technical and security principles and decisions to a wide range of audiences
Experience designing and operating security tools and services at enterprise-scale
Comfort engaging in deeply technical efforts while keeping a strategic view and staying focused on key goals
An understanding of security risk and a willingness to make risk-based decisions balancing the urgent and the important
A thirst for improvement and an inclination to thoughtfully challenge the status quo
Desire to try things and iterate on them, fail fast, and focus on features that matter
Desired Characteristics
Experience with cloud and on-premise application protection, hands-on experience with CDN and WAF integration, familiarity with multiple logging tools and approaches, and/or comfort reverse engineering application semantics from logs
Understanding threat intelligence, ATT&CK framework, Cyber Kill Chain, or the Pyramid of Pain, and how they fit into developing internal security strategy
Orchestrating security tools across complex environments to improve IR and investigations
Data-driven decision making, light data analytics, and metrics/data visualization
Comfort with scripting or software development
Exposure to security compliance requirements/frameworks such as ISO27001, PCI/DSS, NIST 800-53, etc.



Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Product & Service Owner, Endpoint Security
Orlando, FL NBC Universal
Operations Engineering Mgr / Production Operat...
Orlando, FL Lockheed Martin Corporation
Application Sustainment/ BA- Senior Solution S...
Orlando, FL Deloitte Services LP
Clinical Support services Supervisor
Fort Lauderdale, FL Envision Healthcare
Sr. Product Representative
Tampa, FL HCI Group, Inc.