Senior Manager, Global Cyber Security

| Greater LA Area
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

We are UMG, the Universal Music Group. We are the world's leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.

How we LEAD:

This role is responsible for assessing and assuring the security and integrity of UMG's applications and the environments where they're built and reside. The Global Security Office partners with all business units enterprise wide as well as product and engineering throughout the software development lifecycle to ensure applications and architecture is designed and built securely.

How you'll CREATE:

  • Develop and refine application security best practices to standardize security practices
  • Provide security guidance for the organization to protect critical assets and data
  • Lead Information Security planning processes to enhance a comprehensive Information Security program for the entire organization.
  • Provide guidance and counsel to management and other staff regarding all aspects of Information Security.
  • Lead and contribute to threat modeling processes
  • Lead efforts to internally assess, evaluate and make recommendations regarding the adequacy of the security controls for the organization's information and technology systems.
  • Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements
  • Work with software development teams to integrate automated security testing mechanisms
  • Contribute to education and awareness programs and advise staff at all levels on security issues, best practices, and vulnerabilities
  • Interpret security tools and penetration testing results and describe issues and fixes to developers
  • Provide vulnerability remediation guidance and mentoring to product development software engineers
  • Build metrics to track security defects and automate collection of security information to derive metrics
  • Enable automation of product security testing and find innovative ways to scale the security team
  • Evaluation of new technologies, tools, and/or development techniques that impact security
  • Conduct security assessments as needed
  • Other duties as assigned

Bring your VIBE:

  • Ability to communicate security-related topics effectively with business representatives
  • Technical experience with enterprise-level directory/messaging services (Active Directory, O365, SharePoint, etc.) implementation and operations;
  • Cloud Security and Architecture related certifications (VMware, MS Azure, GCP, AWS) are a plus
  • Familiarity with popular cloud services offered by AWS, GCP, and Azure Cloud platforms.
  • Candidates must be able to explain vulnerabilities and weaknesses in the OWASP Top 10, WASC, and/or CWE 25 to any audience, and discuss effective defensive techniques
  • Understanding of modern web application frameworks such as SPA, front-end and back-end technologies
  • Deep understanding of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML, and AWS IAM
  • Familiarity with dynamic and static analysis tools
  • Deep understanding of continuous integration / continuous deployment processes and tools • Ability to interpret dynamic/static analysis tools, and penetration test results and describe issues and fixes to non-security experts
  • Ability to automate tasks using a scripting language (Python, Ruby, etc.)
  • Ability to program in Python, experience with a compiled language such as golang or C a plus.
  • Familiarity with common reconnaissance, exploitation, and post-exploitation frameworks Qualities
  • Humble expert with a sense of urgency
  • Team focus with an ability to work in a matrixed organization
  • 3+ years of experience developing on web and mobile and API platforms
  • 2+ years assessing and securing iOS and Android mobile apps, REST and SOAP APIs, and web applications
  • 2+ years reviewing source code, using security testing tools, and modeling web and mobile applications

Perks Playlist:

  • Competitive Compensation Package including Salary, Benefits and Generous 401k Savings Plan
  • Paid Time Off – Paid Holidays, "Gift Week", Summer Fridays
  • Student Loan Repayment Assistance
  • Employee Developmental Support
  • Annual Gym Reimbursement Package
  • Pet Insurance, plus much more!

 Universal Music Group is an Equal Opportunity Employer 

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • C#Languages
    • JavaLanguages
    • JavascriptLanguages
    • PHPLanguages
    • PythonLanguages
    • ScalaLanguages
    • SqlLanguages
    • SwiftLanguages
    • jQueryLibraries
    • AngularJSFrameworks
    • ASP.NETFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • AccessDatabases
    • HiveDatabases
    • Microsoft SQL ServerDatabases
    • MySQLDatabases
    • OracleDatabases
    • SAP HANADatabases
    • Google AnalyticsAnalytics
    • IllustratorDesign
    • PhotoshopDesign
    • SketchDesign
    • ConfluenceManagement
    • JIRAManagement
    • DrupalCMS
    • WordpressCMS
    • SalesforceCRM
    • Constant ContactEmail

Location

UMG IT is primarily based in Woodland Hills, a neighborhood bordering the Santa Monica mountains in the San Fernando Valley region of Los Angeles

An Insider's view of Universal Music Group

What’s the vibe like in the office?

Everyone is hard working but it’s still a pretty relaxed and friendly environment. If you need any help people are always ready to make time. Between the conference room with all over music related decorations, big lunch room with table-football and arcade games and a very casual dress code, the overall vibe is really chill.

Laurent Burte

Enterprise Portfolio Management Project Manager

How do you collaborate with other teams in the company?

Our team serves departments across the company by providing feedback and best practices on software asset management. We get to work with a lot of different teams which is really interesting.

Ashia Coleman

Junior Windows Systems and Application Administrator

What makes someone successful on your team?

Our team relies on the ability to have quick and meaningful communications, sharing of ideas in a constructive way and working closely as a whole team. You also need to be interested in always learning. Technology never stands still and neither does this team.

Todd Hancsicsak

Director, Rights & Repertoire Technology

What does your typical day look like?

There is no typical day at UMG, which is a good thing! I get an opportunity to work with numerous individuals within IT and the business on a variety of global projects. Having the opportunity to work with so many talented people globally and continuously learn and contribute to our business is very exciting.

Gauri Gohokar

Project Manager

What are Universal Music Group Perks + Benefits

Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Vacation & Time Off Benefits
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Game Room
Parking
Fitness Subsidies
Professional Development Benefits
Tuition Reimbursement
Diversity Program
More Jobs at Universal Music Group25 open jobs
All Jobs
Finance
Data + Analytics
Dev + Engineer
HR
Marketing
Operations
Product
Project Mgmt
Sales
Content
Marketing
new
Santa Monica
Project Mgmt
new
Santa Monica
Marketing
new
Santa Monica
Finance
new
Los Angeles
Operations
new
Los Angeles
Operations
new
Los Angeles
Developer
new
Los Angeles
Marketing
new
Hollywood
Content
new
Hollywood
Data + Analytics
new
Hollywood
HR
new
Santa Monica
Marketing
new
Santa Monica
Data + Analytics
new
Santa Monica
HR
new
Santa Monica
Product
new
Santa Monica
Developer
new
Los Angeles
Content
new
Santa Monica