Job Description
This position in the IT security team will work to secure one of the leading entertainment brands in the world. The individual we are seeking has previous experience in the triage and in-depth analysis of security events as well as knowledge around developing new detections that keeps us at pace with the latest threats and attacker techniques.
Responsibilities
• Demonstrate understanding and ability to apply cyber security best practices, understand common issues and remediation techniques leveraging systematic approach (MITRE ATT@CK, OWASP top 10, NIST CsF, etc.)
• Knowledge of the best available tools, software, threat hunting techniques, pen testing, applications and systems for maintaining best-in-class security environment status
• Demonstrate expertise with security and information system life cycle methodologies, including remediation of cyber security issues, as well as audit risk mitigation activities
• Communicate clearly, diplomatically and effectively at all levels of the organization and to audiences with varying degrees of process and technical knowledge
• Assist with security testing and vulnerability management across various technical mediums
• Experience working in a team-oriented, matrixed, collaborative environment while using analytical and problem-solving skills.
• Provide monitoring, triage and analysis of security events.
• Act as incident responder for potential incidents identified.
• Develop detection strategies and deploy alerting to identify malicious activity.
• Define and mature Security Team playbooks of operational response to cyber threats.
• Be involved in the evaluation and design of new Security tools.
• Review security log data and tune the SIEM platform and deploy alerting to identify malicious activity.
• Extend functionality of tools by deploying API integrations and automation tasks.
• Assist with the team's main responsibilities by contributing during triage and incident response.
• Participate in and lead training activities, working groups and knowledge sharing with other members in the team.
Minimum requirements:
• 3-5 years active cyber security domain experience
• Hands on experience and proficiency in various cybersecurity tools that are common across the information security industry.
Required Skills
Strong background in security disciplines such as, Detection Engineering, Incident Response, Threat hunting, Vulnerability management or Digital forensics.
• Experience with monitoring and managing threat detection systems, threat intelligence platforms, SIEM and security devices.
• In-depth understanding of the cyber threat landscape and advanced adversary tactics.
• Understanding of modern infrastructure concepts such as, cloud technologies, infrastructure as code, CI/CD and API integrations.
• Excellent communication skills
• Strong understanding of NIST framework and security best practices
• Strong understanding of risk management
• Project Management experience
• Cybersecurity certifications (preferred)
• The hiring range for this position in New York is $125,000 to $180,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
This position is with Marvel Entertainment, LLC, which is part of a business we call Marvel Entertainment.
Jobcode: Reference SBJ-dyevvk-3-80-155-163-42 in your application.