Senior Security Engineer-DevSecOps at Pluto TV (Greater LA Area, CA)
Pluto TV, a ViacomCBS company, is the leading free streaming television service in America, delivering 250+ live and original channels and thousands of on-demand movies in partnership with major TV networks, movie studios, publishers, and digital media companies. Pluto TV is available on all mobile, web and connected TV streaming devices and millions of viewers tune in each month to watch premium news, TV shows, movies, sports, lifestyle, and trending digital series. Headquartered in West Hollywood, Pluto TV has offices in New York, Silicon Valley, Chicago and Berlin.
Pluto TV is looking for a hands-on cloud security engineer to improve and maintain our cloud security posture. We are looking for someone with a minimum 5 years experience and a deep understanding of AWS architecture. This role will require someone who is passionate about DevSecOps with an accomplished background in building secure world-class infrastructure and tooling in terms of reliability, scalability and accessibility.
We desire someone who can help implement a capability driven, highly automated, approach to security operations, monitoring, incident response, and our overall information security program efforts.
Overview & Responsibilities:
Design and implement multiple secure cloud environments.
Design and implement a logging and alerting strategy.
Implementation and tuning of various AWS security services.
Perform threat modeling and risk assessments where necessary.
Take an automation first approach to various tasks and processes.
Demonstrated experience in handling cybersecurity incidents through the incident response lifecycle.
Demonstrated experience in automating cloud security functions.
Demonstrated experience in monitoring and alerting strategies.
Demonstrated experience with the following security areas: SIEM, Vulnerability. management, identify and access management, firewalls, and incident response.
Layer 2, 3 and 4 infrastructure designs and functionality.
Firewalls, rule base analysis and secure VPC implementation.
Knowledge of Common Cybersecurity Frameworks (NIST, ISO, COBIT, and SSAE-16).
Identity and Access Management methodologies.
Authentication Platforms, which includes but is not limited to LDAP and Active Directory.
Federated Authentication Platforms and associated protocols.
Audit and administration of security groups, firewall rules and other built in controls.
Administration and day to day support of various cloud security technologies.
Administration and provisioning of accounts and IAM roles across multiple environments.
Create and update design documents, data flows and other program documentation.
Help educate other teams such as DevOps and Engineering on security best practices.
5+ years industry experience required, including previous experience working in DevSecOps.
5+ years in handling cybersecurity incidents through the incident response lifecycle.
5 + years experience automating cloud security functions.
5 + years Scripting experience (ideally writing & maintaining Lambda functions and/or python scripting)
In depth experience with AWS architecture and AWS security strategies.
Previous experience working in DevSecOps, including knowledge and experience implementing a Secure Software Development Lifecycle.
Goal driven individual with good technical, interpersonal, communication and organizational skills.
Makes a dedication to helping build a “transparent culture of service” which fosters an open, honest, candid workplace within the teams handled.
Embraces and fosters “innovation” by working on new things in new ways every day.
Develop a global perspective with consideration for local business needs.
Acts as an Information Security domain authority and is comfortable interacting with employees at all levels and roles.
Resource management skills, capable of leading contract employees.
Acts responsibly with sensitive and confidential information.
Is creative and inventive as a problem solver.
Consistently demonstrates the drive to deliver projects successfully even under difficult timelines.
Have strong logical, analytical, methodical, investigative, and auditing skills.
Knows when to make practical rational decisions that reduce risk to Viacom information and Information systems.
Excellent verbal and written communication.
Travel domestically and internationally if required and with short notice.
Must be reliable and available 24/7 if required.
ViacomCBS is an equal opportunity employer (EOE) including disability/vet.
At ViacomCBS, the spirit of inclusion feeds into everything that we do, on-screen and off. From the programming and movies we create to employee benefits/programs and social impact outreach initiatives, we believe that opportunity, access, resources and rewards should be available to and for the benefit of all. ViacomCBS is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ethnicity, ancestry, religion, creed, sex, national origin, sexual orientation, age, citizenship status, marital status, disability, gender identity, gender expression, and Veteran status.
If you are a qualified individual with a disability or a disabled veteran, you may request a reasonable accommodation if you are unable or limited in your ability to use or access. https://www.viacomcbs.com/careers as a result of your disability. You can request reasonable accommodations by calling 212.846.5500 or by sending an email to [email protected] Only messages left for this purpose will be returned.