Lead Cloud Security Engineer

Job Description

Overview and Responsibilities:

Join the ViacomCBS Information Security Team at ViacomCBS Streaming/Digital division as a Lead Cloud Security Engineer and be a part of the talented team that designs, builds, and deploys solutions that protect ViacomCBS Streaming platforms and its customers against advanced adversaries. You will research the latest threats & methods for deploying infrastructure controls in the prevention, detection and reaction to best securing the environment and automating threat identification and defense capabilities. Your mission will be to ensure that ViacomCBS Streaming & Digital environments and customer data remains secure.

Role Details:

You will work across many teams & business partners including infrastructure, engineering, operations, architecture, and product development. You will work across multiple work streams including infrastructure security, security operations, configuration management, network security, and security architecture. In this role, you will design and develop for the cloud (GCP, AWS, Azure) based Infrastructure controls and guardrails to support the ViacomCBS Streaming teams and platforms utilized by consumers. Does this sound like you?

Your Day-to-Day:
• We're looking for a level-headed and professional person with great verbal & written communication skills who has the ability to work in a team environment.
• This person should think of infrastructure as code. You will work closely with the Operation, Development, and QA teams on architecture and technologies.
• Architecture, configuration, operations, and maintenance of infrastructure, network and supporting software related to the cloud & application infrastructure.
• Proven track record developing and implementing security tools, technologies and process integrations for cloud-based architectures.
• Prior experience working closely with product and DevOps Engineers and/or SRE's
on security requirements. Experience with DevOps environments and AWS & GCP security controls is a strong plus.
• As a hands-on technical specialist, handle complex and detailed technical work necessary to establish and maintain secure cloud security environments.
• Securing perimeter and network of ViacomCBS Streaming/Digital applications & environments.
• Implement and maintain network security infrastructure globally including Zero Trust, DDOS mitigation, Micro-Segmentation, and remote access (i.e. VPN services).
• Architect, configure, manage and deploy devices including firewalls, VPC's, Security Groups, Key Management, and Secure SDLC pipeline to improve our ability to prevent and detect intrusions in real-time.

Key Projects:
• Gather threat intelligence and build, optimize, and automate systems to consume threat feeds and track adversaries.
• Work with application owners and infrastructure teams to design and architect infrastructure (network, OS, databases) and applications to protect against attackers.
• Collaborate with others in Information Security Engineering to improve Security Incident & Event Management (SIEM) solutions integration with log aggregation tools and services.
• Develop network/application security solutions designed to implement segmentation and access control across applications deployed in various VPC's and some on-premise platforms.

Required Skills:
• Experience with building and operating secure infrastructures with 4 - 6 yrs in Information Security (SecDevOps is a plus!).
• Experience in platform security in at least three of the following domains: secure cloud deployment, application whitelisting, security engineering, incident handling, vulnerability analysis, active adversary threat management, penetration testing, intrusion detection, firewalls, and encryption technologies.
• In-depth knowledge of AWS & GCP and other public & private cloud infrastructure is required.
• In-depth knowledge of TCP/IP networking (OSI stack, TCP, SDN, etc).
• Experience with CI/CD tools such as Jenkins, Github Actions, etc.
• Experience using a programming language such as python or Go for automation, plus Terraform, Chef, Puppet, Ansible, SaltStack, or CloudFormation..
• Strong Unix/Linux experience with familiarity with Windows environments and hardening guidelines.
• Strong understanding of Threat Modeling including Threat Detection & Prevention.
• Knowledge and experience with networks and hosts are required, application security practices are a bonus.
• Experience with VPC's, Configuration Management, and other network security.

ViacomCBS is an equal opportunity employer (EOE) including disability/vet.

Jobcode: Reference SBJ-gx3x9q-3-146-221-52-42 in your application.