Full Time Job

Security Engineer


Culver City, CA 08-16-2022
Apply @ Employer
  • Paid
  • Full Time
  • Mid (2-5 years) Experience
Job Description

Metro-Goldwyn-Mayer Studios Inc. (''MGM'') is seeking a Security Engineer to join its team. The role based in Culver City, CA. The successful candidate will support efforts to build and maintain a consistent and advanced security infrastructure, responsible for the delivery of media content, both internally and externally. This includes but not limited to: identity management, endpoint security, cloud security, application security, data and privacy protection, email security, SASE, and other tooling within the security infrastructure. You will be part of a team of engineers, providing security services in close collaboration DevOps, Cloud Engineering and Software Development teams.

• Working closely with the Cloud Services and DevOps to harden cloud environment and code
• Assisting DevOps and developers detect and remediate insecure code using a variety of SDLC security tools, code reviews, and testing
• Providing guidance and work closely with architecture teams to secure applications, microservices, containerization, and other cloud native workloads in AWS
• Leveraging cloud native security services such as Security Hub, GuardDuty, Macie, and more
• Documenting policies, standard operating procedures, and security reference architectures
• Participating in security certification efforts for internal applications
• Participating as a member of the incident response team, and in on-call rotation working closely with 24/7 SOC

Basic Qualifications:
• 2+ years of experience as a Security Engineer or equivalent in information security
• Understanding of Python, JS and/or other modern programming languages and frameworks required
• Experience with AWS, Azure, or GCP
• Experience with Kubernetes, Docker, Ansible, and Terraform
• Experience with GitOps and version control platforms like GitLab and GitHub
• Experience with AppSec tools such as Snyk, GitLab Security, or Fortify
• Experience with incident response handling
• Experience with vulnerability and threat management for ephemeral workloads

Preferred Qualifications:
• Experience with managing Splunk SIEM
• Familiarity with identity providers such as Azure, Okta, Ping, etc.
• Understanding of IAM, SAML, OIDC and OAuth
• Understanding of Zero Trust concepts and architecture
• Knowledge of static and dynamic application security testing
• Understanding of common web and API vulnerabilities
• AWS and security related certifications a plus
• Participation experience in industry events such as DefCon, BSides, ShellCon, etc. a plus
• Experience with CIS, NIST, and other frameworks for on-prem and cloud environments
• Understanding of the MITRE ATT&CK framework
• Understanding of DevSecOps, SDLC, CI/CD, and IaC principles

Pursuant to the Los Angeles Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.


Jobcode: Reference SBJ-r1z380-3-238-90-95-42 in your application.

Company Profile

Become a part of one of the most dynamic and iconic entertainment studios in the world. Enjoy a collegial familial work environment that is brimming with excitement growth and success. Our team is full of forward thinking, open minded, and enthusiastic employees that continuously nourish our growing company. We are committed to bringing on the most talented, passionate and creative people, who want to succeed at a company that promotes internal growth and encourages opportunities to those who are passionate about growing alongside this company.