Cloud Security Administrator

Job Description

Responsibilities
This is an opportunity to play a critical role in the digital evolution of NBC News, one of the world's best known and most trusted news organizations. NBC News Digital Group is responsible for the websites, mobile/OTT apps and content tools that power the NBC News, Today, MSNBC, Telemundo, CNBC and E! brands.

Responsibilities

As a Cloud Security Administrator, you will be a key member of the team responsible for ensuring security risks impacting NBC News Digital Group are identified, continually monitored, and addressed.

Primary responsibilities for a Cloud Security Administrator:
• Respond promptly to vulnerability scan results of our cloud computing environments (new and backlog), create tickets and change requests for needed actions, mitigate or delegate, and track as necessary
• Write detailed documentation about findings and processes for cyber security team and other teams as needed
• Communicate and coordinate effectively with team members, other corporate teams, and vendors
• Prepare dashboards showing progress and present findings to the operations team or executives as required
• Identify & execute opportunities for preemptively preventing future vulnerabilities through communication, establishment of new processes or standards, etc
• Support development and maintenance of NBC News Digital's cyber security governance processes, policies, and standards of practice, in coordination with NBCUniversal Cyber Security team policies and standards
• Support NBC News Digital cyber security objectives, to include compliance with NBCUniversal Cyber Security team hardening standards and business continuity/disaster recovery initiatives. This includes leading/participating in various security enhancement projects to improve cyber security controls, and ensuring operational technology practices comply with organizational policies and industry best practices or any regulatory practices such as CCPA and GDPR
• Directly participate in or support third-party conduct of cyber risk assessments or audits. Risk assessments may include scanning code, configurations, access/permissions, software versioning, and other emerging technologies
• Support NBCUniversal's vulnerability management program, to include developing policies and procedures for assessing systems for vulnerabilities, advising system owners on remediation strategies, and leveraging penetration testing where appropriate to validate controls and presumed security levels
• Keep abreast of technological advancements and operational technology cyber security best practices for NBC News Digital. Maintain subject matter expertise and represent News Digital through various collaborative efforts, such as attaining the appropriate certifications and participating in cyber security conferences, workshops, and information sharing.
• Conducts periodic hardware/software inventory assessments across all environments to ensure security integrity.
• Prepares, reviews, and presents technical security reports and briefings for executive stakeholders.
• Oversees and participates in security assessments and audits. (repeat of another bullet point above but phrased differently)
• Identifies root causes, prioritizes threats and recommends and/or implements corrective action

Qualifications/Requirements
The ideal candidate will have experience with some or all of these tools:
• AWS cloud services, especially EKS, EC2, S3, Lambda,

IAM, SecretsManager and CloudFront
• 3+ years experience in a Systems Administrator, Network

Engineer, NOC, and/or Cyber Security role
• 2+ years experience with AWS (experience/knowledge of

AWS components including VPCs, EC2, S3, IAM,

security groups)
• Mitigating issues in an AWS environment
• 1+ years experience with Linux & other open source

technologies
• 1+ years experience with Windows OS
• Strong written and verbal communication skills with

comfort participating in and leading meetings
• Strong documentation skills
• Ability to manage time effectively and delegate tasks as

needed
• Previous experience delegating work within multiple

teams – mitigating many issues
• Ability to mitigate some of the issues yourself
• Need to have strong people skills

Desired Characteristics

Additional experience:
• Containerization experience with Kubernetes/Docker
• Experience using Atlassian suite including Jira &

Confluence
• Experience using Power BI
• Experience reading Prisma and Qualys vulnerability scan

results
• Networking & firewall
• Scripting - automating optimization (preferred language)

Jobcode: Reference SBJ-rzy5bq-18-116-239-195-42 in your application.