Full Time Job

Sr. Manager Global Cyber Security

Universal Music Group

Los Angeles, CA 4 days ago
Apply @ Employer
  • Paid
  • Full Time
  • Mid (2-5 years) Experience
Job Description
This role is responsible for assessing and assuring the security and integrity of Universal Music Groups's applications and the environments where they're built and reside. The Global Security Office partners with all business units enterprise wide as well as product and engineering throughout the software development lifecycle to ensure applications are designed and built securely.

How you'll CREATE:
• Develop and refine application security best practices to standardize security practices
• Provide security guidance for the organization to protect critical assets and data
• Lead Information Security planning processes to enhance a comprehensive Information Security program for the entire organization.
• Provide guidance and counsel to management and other staff regarding all aspects of Information Security.
• Lead and contribute to threat modeling processes
• Lead efforts to internally assess, evaluate and make recommendations regarding the adequacy of the security controls for the organization's information and technology systems.
• Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements
• Work with software development teams to integrate automated security testing mechanisms
• Contribute to education and awareness programs and advise staff at all levels on security issues, best practices, and vulnerabilities
• Interpret security tools and penetration testing results and describe issues and fixes to developers
• Provide vulnerability remediation guidance and mentoring to product development software engineers
• Build metrics to track security defects and automate collection of security information to derive metrics
• Enable automation of product security testing and find innovative ways to scale the security team
• Evaluation of new technologies, tools, and/or development techniques that impact security
• Contribute to education and awareness programs and advise staff at all levels on security issues, best practices, and vulnerabilities
• Conduct security assessments as needed
• Other duties as assigned

Bring your VIBE:
• 3+ years of experience developing on web and mobile and API platforms
• 2+ years assessing and securing iOS and Android mobile apps, REST and SOAP APIs, and web applications
• 2+ years reviewing source code, using security testing tools, and modeling web and mobile applications
• Ability to communicate security related topics effectively with business representatives
• Technical experience with enterprise level directory/messaging services (Active Directory, O365, SharePoint, etc.) implementation and operations
• Cloud Security and Architecture related certifications (VMware, MS Azure, GCP, AWS) are a plus
• Familiarity with popular cloud services offered by AWS, GCP, and Azure Cloud platforms.
• Candidates must be able to explain vulnerabilities and weaknesses in the OWASP Top 10, WASC, and/or CWE 25 to any audience, and discuss effective defensive techniques
• Understanding of modern web application frameworks such as SPA, front-end and back-end technologies
• Deep understanding of authentication protocols and frameworks to include OAuth, OpenID, SSO/SAML, and AWS IAM
• Familiarity with dynamic and static security analysis tools
• Deep understanding of continuous integration / continuous deployment processes and tools
• Ability to interpret dynamic/static analysis tools, and penetration test results and describe issues and fixes to non-security experts
• Ability to automate tasks using a scripting language (Python, Ruby, etc.)
• Ability to program in Python, experience with a compiled language such as golang or C a plus.
• Familiarity with common reconnaissance, exploitation, and post exploitation frameworks
• Humble expert with a sense of urgency
• Team focus with an ability to work in a matrixed organization

Perks Playlist:
• Competitive Compensation Package including Salary, Benefits and Generous 401k Savings Plan
• Paid Time Off – Paid Holidays, ''Gift Week'', Summer Fridays
• Student Loan Repayment Assistance
• Employee Developmental Support
• Annual Gym Reimbursement Package
• Pet Insurance, plus much more!

Universal Music Group is an Equal Opportunity Employer

Disclaimer: This job description only provides an overview of job responsibilities that are subject to change.

Jobcode: Reference SBJ-r11wny-3-238-132-225-42 in your application.

Company Profile
Universal Music Group

We are Universal Music Group, the world’s leading music company. We are the home for music’s greatest artists, innovators and entrepreneurs.