Incident Response Associate Engineer

Location: Burbank, CA
Date Posted: 02-13-2019
Job Description
Are you interested in being part of the rapidly evolving entertainment industry, helping to continue bringing blockbuster films to audiences like the Harry Potter series and Wonder Woman as well as hit television shows such as Ellen and The Big Bang Theory? Do you want to design, implement, and operate a risk management program that drives the effective and efficient risk assessment, treatment, and acceptance processes intended to help technology functions identify and mitigate strategic, privacy, technical, and information-security related risks? Do you enjoy identifying and assessing the technical risks associated with large-scale systems implementations and helping to identify solutions toward mitigating those risks? If so, this is the right opportunity for you!

Do you enjoy being a guardian of networks, applications, and awesome content? Do you want to support a global cyber team and contribute to protecting our company from hackers? Do you enjoy rapidly responding to a cyber security incident that is posing a threat to the organization? Leading the way in how content is protected.

Seeking an Associate Engineer for the Information & Content Security: Security Ops & IR department. This position supports the Information and Content Security team in collaboration with company business units, 3rd party vendors and the Security Operations Center. The position provides technical investigation of events escalated by other groups and emergency response to information security incidents. This position also helps develop and implement the Information and Content Security red team program to assess corporate information security from an adversarial perspective and help identify gaps in processes, policies and technology.
Your core priorities will be to:  
  • Security Incident Response
    • Develop and implement improved tools, processes and procedures for incident response.
    • Assess the readiness and reliability of network monitoring, logging and data capture systems commonly utilized in response to security incidents.
    • Assess event data presented by security operation center (SOC) or other staff to identify risks and potential impacts to corporate assets.
    • Respond to information security incidents by conducting analysis of logs, packet captures, system images, malicious code or scripts and other data.
    • Assist in providing security requirements for new systems and processes that will impact information security.
    • Gather and compile data during incidents to deliver reports and/or metrics.
    • Research product and technical data for ongoing projects.
  • Assist in the development and implementation of information security plans and projects in support of the Information and Content Security Red Team program.
  • Participate in other projects and assigned tasks as directed by CISO.
Knowledge, Skills & Abilities Required 
  • Bachelor’s degree in Computer Science, Engineering or related discipline preferred
  • Security certifications preferred (Security+, Linux+, GCIA, GCIH, GPEN or equivalent)
  • CISSP, GSEC or equivalent preferred
  • Minimum one (1) year of overall experience in Information Security.
  • Minimum one (1) year of experience in Info Sec Incident Response.
  • Technical Knowledge/Skills in the following areas:
    • Experience with response to high severity security incidents is required
    • Experience with response to Active Directory related incidents preferred
    • Experience in enterprise administration of Linux and Windows systems is required
    • Experience with Bash scripting, Python, Perl, regex, SQL, PHP, C, HTML, CGI required
    • Experience with Intrusion Detection Systems required (Snort, Bro preferred)
    • Experience with firewalls required (Palo Alto, Netscreen, Juniper and Cisco preferred)
    • Understanding of commonly used protocols and services is required (e.g. SSL, DNS, TCP/UDP, WWW, FTP/SFTP, NTP, Telnet, NFS, SSH, LDAP, etc.)
    • Understanding of networking hardware: routers, switches, and load-balancers.
    • Understanding of network protocols and architecture (TCP/IP, ATM, WAN, Bridges, etc.) is required
    • Understanding of virtual networking hardware including VMware vSphere, ESX preferred
    • Experience in securing cloud solutions desirable (e.g. Amazon AWS, Azure, etc.)
    • Experience securing remote operating systems and applications is preferred
    • Experience with version control systems is preferred
  • Functional Knowledge / Skills in the following areas:
    • Experience in one (1) or more information security domains is required
    • Experience with media, production and post production digital media systems and services is desirable
  • General Knowledge / Skills required:
    • Strong project management skills; including project planning, project design, resource allocation, utilization analysis, etc.
    • Strong report writing and communication skills
    • Must be able to effectively manage a number of projects and priorities in parallel
    • Working knowledge of networks and data center standards and procedures