Senior Cyber Security Engineer

Job Description

Job Functions:

The Senior Cybersecurity Engineer role is part of Security Operations team that will, manage, maintain, design, configure, and document security tools, systems, and processes including, but not limited to, the following:

• Lead and support the response to all security events and incidents across UMG’s global infrastructure, services and applications.
• Own the security incident lifecycle, respond to incidents and participate in on-call rotation for security incidents.
• Implementing Security Controls & “Guardrails” for GenAI: Designing, deploying, and operating technical controls to prevent misuse of AI systems. Designs can include content filtering systems, usage policies, and safety checks that mitigate issues like prompt injection attacks, unauthorized data extraction, model bias or hallucinations, and other misuse of generative AI platforms.
• Continually test and update guardrails, replacing weaker controls with more robust solutions as threats evolve.
• Monitor alignment of solutions to AI Governance processes.
• Provide AI/Agent subject matter expertise for AI Incidents and Security Reviews and help develop incident response playbooks for AI-related security incidents.
• Work to improve UMG’s security and reliability posture by driving identified improvements from security events and incidents.
• Support projects end-to-end that will improve UMG’s Threat Detection and Response (TDR) capabilities and initiatives.
• Be responsible for documentation of incidents and projects you work on and craft best practices as runbooks and standard operating procedures to share knowledge across teams.
• Understand security vulnerabilities, attacker exploit techniques, and methods for their remediation.
• Administer security tools and technologies
• Automate triage, analysis, response, and remediation tasks and processes with code, APIs, and SOAR tools.
• Collect and review systems and application security logs from all systems (Firewalls, OS, Email, IDS, Splunk, etc.), take action to mitigate any threats based on findings.
• Conduct log analysis across a diverse ecosystem of technology (operating systems, internally developed web apps, software-as-a-service apps, cloud infrastructure)
• Ensure compliance with internal policies, standards, and regulatory requirements
• Perform forensics activities and root cause analyses
• Participate in the assessment of network design/architecture, development, and implementation of any new application or service
• Conduct Vulnerability Assessments as required
• Assess and triage potential security incidents. Coordinating and leading response to high impact security incidents.
• Lead efforts to detect and analyze malicious software and work with vendors and teams
• Perform other duties as assigned
• Lead projects, planning, controlling, executing, and closing assigned projects to produce required deliverables

Job Requirements:

Skills/Abilities:

• 7+ years of experience in Cybersecurity with a focus on incident response, digital forensics, security engineering, and/or intrusion detection.
• Experience with threat Intelligence, conducting research on emerging threats, identifying and deploying solutions to prevent such threats occurring working with the team.
• Experience with log analysis and forensic tools.
• Experience monitoring and responding to security incidents involving traditional (Windows, Mac, Linux) and cloud-based infrastructure (AWS, GCP, and/or Azure)
• Expertise in handling complex security investigations.
• Communicate clearly and concisely, orally and in writing.
• Schedule: ability to work ‘non-standard’ hours, to overlap as needed with colleagues and stakeholders in other global locations, and participate in on-call rotation, including weekend and holiday hours.
• Proactively identify and address false positive alerts, ensuring that alert noise is minimized without compromising detection accuracy.
• Experience leveraging automation to improve operational security metrics and dashboards by identifying security response gaps in systems, services and processes and propose and deliver solutions to close security monitoring gaps.
• Experience with programming and scripting using Python, Linux shell scripts, and regex.
• Excellent analytical and problem-solving skills. Knowledge about exploits, vulnerabilities, network attacks.
• Solid understanding of information security related standards, analysis frameworks (MITRE ATT&CK, Kill Chain, NIST Incident Response, etc.)  and technologies. The ability to learn new technology and concepts quickly.
• Self-motivated, detail-oriented with analytical and interpersonal skills
• Hands on experience with security operations, safety practices in a business environment and enforcement of procedures.
• Ability to work under pressure and handle multiple projects with tight deadlines across a global enterprise.
• Experience with information security SIEMs, vulnerability scanners and application scanners
• Must be proficient with Linux administration
• Ability to construct basic Boolean logic and regex search strings
• Familiarity with enterprise security controls and security best practices for Windows, Linux, and Mac systems.

Are you interested in this position?
Apply by clicking on the “Apply Now” button below!
#GraphicDesignJobsOnline
#WebDesignRemoteJobs
#FreelanceGraphicDesigner
#WorkFromHomeDesignJobs
#OnlineWebDesignWork
#RemoteDesignOpportunities
#HireGraphicDesigners
#DigitalDesignCareers
# Dynamicbrand guru