• Design and develop detection logic and security rules to identify threats, suspicious behaviors, and misconfigurations across SaaS applications • Research SaaS platforms (e.g., Google Workspace, Microsoft 365, Salesforce, Slack, etc.) to understand security models, APIs, and potential attack surfaces • Translate real-world attack techniques and SaaS security risks into scalable product capabilities, including detections, posture checks, and risk signals • Contribute to both threat detection and posture management content, ensuring broad coverage across identity, access, integrations, and data exposure risks • Analyze large-scale SaaS telemetry to identify patterns, anomalies, and opportunities for new detections or improvements • Continuously improve detection quality by reducing false positives and ensuring signals are actionable for customers • Collaborate with Engineering to productionize detection logic and ensure reliable execution at scale • Partner with Product to shape how security insights are surfaced, prioritized, and explained to users • Stay current on emerging SaaS attack techniques, identity threats, OAuth risks, and AI-related security considerations • Contribute to internal knowledge sharing and help elevate SaaS security expertise across the organization

• Configure business operating environments securely • Perform penetration testing and threat hunting to identify potential risks • Monitor for and respond to incidents in the Firm's hybrid environment • Keep infrastructure current, make recommendations, and continually improve security technologies • Analyze, design, and develop programs, shell scripts, tests, and infrastructure automation capabilities • Work with analysts and engineers across the organization to continually improve cyber resilience • Provide support to understand and develop system requirements and technical solutions for cybersecurity engineering based on system architectures (CIS Controls, MITRE ATT&CK Framework, and NIST Cyber Security Framework). • Support the maturation of the enterprise architecture to align with the Firm’s information security and risks to the organizational operations, organizational assets, and individuals • Develop alternatives of system designs and/or architecture, which consider trade-offs between security requirements, functional/operational requirements, and cost • Identify and define the requirements of the overall security of the network • Plan, engineer, and monitor overall security implementation of network systems • Support in configuring and implementing network security tools • Test and provide solutions for system weaknesses, threats, security issues • Research and identify latest suitable technologies and processes that will improve the overall security of the system • Regularly audit the existing network configuration and provide improvement recommendations • Other duties as assigned

Title: Sr Staff Cyber Security Engineer (AI) 30 Rockefeller Plaza, New York, NEW YORK Employees can work remotely Full-time Business Segment: Operations & Technology Compensation: USD 145,000 - USD 175,000 - yearly Company Description NBCUniversal is one of the world's leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our global theme park destinations, consumer products, and experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, NBC Sports, Telemundo, NBC Local Stations, Bravo, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through our powerhouse film and television studios, including Universal Pictures, DreamWorks Animation, and Focus Features, and the four global television studios under the Universal Studio Group banner, and operate industry-leading theme parks and experiences around the world through Universal Destinations & Experiences, including Universal Orlando Resort, home to Universal Epic Universe, and Universal Studios Hollywood. NBCUniversal is a subsidiary of Comcast Corporation. Visit www.nbcuniversal.com for more information. Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world. Job Description We are looking for a Senior Staff Cyber Security Engineer to be part of our NBCU Security Architecture team, focused on emerging technologies including AI. This Senior Staff Cyber Security Engineer will partner with the various NBCUniversal businesses, enterprise IT, and Cyber Security organization to ensure technology is designed and deployed securely and aligned with Cyber Security and enterprise technology strategies. This individual will function as a security subject matter expert with broad knowledge across various domains, embedded with engineering teams delivering solutions for NBCUniversal. Initially the primary focus will be on security controls applicable to AI systems and other emerging technologies. You must be cognizant of the wide variety of threats all systems must be protected against and developing threat models and control strategies that are fully integrated into the design, development, and operation of new and evolving technology platforms. The analysis will involve collaboration across the Cyber organization, partnership with business stakeholders, and will result in security guidance and/or mitigation requirements. Finally, you will effectively communicate the importance of key Cyber programs and services to obtain support, trust and buy-in from business and technology teams to ensure security goals are being met. Qualifications Requirements: - 10+ years of experience partnering with business and technical teams to architect secure products and maintain a secure posture throughout their lifecycle - Ability to explain common threats to components including Network, Cloud, Web and Application environments and design mitigations with context of product and business needs - Some knowledge and awareness of ML and generative AI technologies, including common security concerns and mitigations - Knowledge of best practices in the Cyber Security industry, including OWASP Top 10 and CWE/SANS Top 25 - Advanced technical knowledge in one or more security domains, with specific expertise designing complex systems and mitigating significant risk - Ability to give and receive constructive feedback in a team environment, fostering a culture of continual improvement and excellence - Willingness to provide mentorship to more junior members of the team - Strong written/verbal communication and presentation skills with the ability to tailor to both technical, and non-technical audiences - Constant learner, actively experimenting and working with new technologies with quick instincts for picking up and developing expertise in new problem domains - Experience developing and documenting security guidelines or security best practices - Excellent time management skills to appropriately prioritize multiple concurrent projects Desired Characteristics: - Formal Degree is not required, relevant experience in the above-mentioned areas prioritized - Experience performing Threat Analysis and modeling leveraging best in industry frameworks such as MITRE ATT&CK, indicating your proficiency in implementing robust security measures - Familiarity with security control frameworks such as Cloud Security Matrix, NIST CSF, CIS Critical Security Controls - In-depth knowledge of generative AI platforms such as Azure OpenAI services and various models including GPT-4, Llama, Midjourney and the underlying technologies and safety and security risks - Understanding of various data and privacy regulations, including PCI DSS, SOX, HIPAA, GDPR, CCPA - In depth knowledge of common Cloud services and platforms (IaaS, PaaS, SaaS) - A firm understanding of Cybersecurity Engineering/Operations, Incident Response, and GRC functions - Empathy for engineering teams with the ability to balance security guidelines and policies with operational needs to maintain desired end-state corporate security posture Additional Requirements: - Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee's residence. This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $145,000 - $175,000 (bonus eligible) Additional Information As part of our selection process, external candidates may be required to attend an in-person interview with an NBCUniversal employee at one of our locations prior to a hiring decision. NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations by emailing. For LA County and City Residents Only: NBCUniversal will consider for employment qualified applicants with criminal histories, or arrest or conviction records, in a manner consistent with relevant legal requirements, including the City of Los Angeles' Fair Chance Initiative For Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable.

Who we are is what we do. Deel is the all-in-one payroll and HR platform for global teams. Our vision is to unlock global opportunity for every person, team, and business. Built for the way the world works today, Deel combines HRIS, payroll, compliance, benefits, performance, and equipment management into one seamless platform. With AI-powered tools and a fully owned payroll infrastructure, Deel supports every worker type in 150+ countries—helping businesses scale smarter, faster, and more compliantly. Among the largest globally distributed companies in the world, our team of 7,000 spans more than 100 countries, speaks 74 languages, and brings a connected and dynamic culture that drives continuous learning and innovation for our customers. Why should you be part of our success story? As the fastest-growing Software as a Service (SaaS) company in history, Deel is transforming how global talent connects with world-class companies – breaking down borders that have traditionally limited both hiring and career opportunities. We're not just building software; we're creating the infrastructure for the future of work, enabling a more diverse and inclusive global economy. In 2024 alone, we paid $11.2 billion to workers in nearly 100 currencies and provided healthcare and benefits to workers in 109 countries—ensuring people get paid and protected, no matter where they are. Our momentum is reflected in our achievements and customer satisfaction: CNBC Disruptor 50, Forbes Cloud 100, Deloitte Fast 500, and repeated recognition on Y Combinator’s top companies list – all while maintaining a 4.83 average rating from 15,000 reviews across G2, Trustpilot, Captera, Apple and Google. Your experience at Deel will be a career accelerator. At the forefront of the global work revolution, you'll tackle complex challenges that impact millions of people's working lives. With our momentum—backed by a $17.3 billion valuation and $1 B in Annual Recurring Revenue (ARR) in just over five years—you'll drive meaningful impact while building expertise that makes you a sought-after leader in the transformation of global work. Key Responsibilities - Design, implement, and maintain scalable observability solutions for cloud-native environments - Own monitoring across AWS and Kubernetes (EKS) environments, covering clusters and workloads - Operate and maintain self-hosted monitoring stacks (e.g., Prometheus, Grafana, Mimir, Loki, Tempo) - Manage and optimize DataDog (metrics, logs, APM, alerts, cost monitoring) - Improve observability architecture to support high availability, scalability, and fault tolerance - Implement monitoring cost optimization strategies (log/trace sampling, retention policies, storage optimization) - Automate observability infrastructure using Infrastructure as Code (Terraform, Helm, etc.) - Integrate monitoring and alerting into CI/CD pipelines (GitHub Actions is an advantage) - Support capacity planning and performance tuning initiatives - Collaborate with DevOps, SRE, and Engineering teams to embed observability best practices - Drive continuous improvement of monitoring standards, tooling, and reliability practices Required Skills & Experience - 5+ years of hands-on experience in monitoring / observability engineering within cloud-native environments - Strong experience with AWS services 5+ years of hands-on experience working with Kubernetes - Solid knowledge of Kubernetes monitoring, including metrics, logs, and traces for clusters and workloads, alerting, SLOs, SLIs, and dashboards. - Proven experience operating and maintaining self-hosted monitoring stacks, advantage: Prometheus, Grafana, Mimir, Loki, Tempo Experience designing or improving observability architectures at scale - Experience with DataDog (metrics, logs, APM, alerts, and cost monitoring) - Strong understanding of high availability, scalability, and fault-tolerant architectures - Experience with monitoring cost optimization, including log and trace sampling strategies, storage and retention optimization - Ability to automate monitoring tasks using Infrastructure as Code and scripting (Terraform, Helm, etc.) - Familiarity with CI/CD pipelines and integrating monitoring into deployment workflows (GitHub Actions is an advantage). - Experience with capacity planning and performance tuning Soft Skills - Strong problem-solving and analytical skills - Ability to work independently and take ownership of complex systems - Good communication skills, able to collaborate with DevOps, SRE, and other teams - Proactive mindset with a focus on continuous improvement Total Rewards Our workforce deserves fair and competitive pay that meets them where they are. With scalable benefits, rewards, and perks, our total rewards programs reflect our commitment to inclusivity and access for all. Some things you’ll enjoy - Stock grant opportunities dependent on your role, employment status and location - Additional perks and benefits based on your employment status and country - The flexibility of remote work, including optional WeWork access At Deel, we’re an equal-opportunity employer that values diversity and positively encourage applications from suitably qualified and eligible candidates regardless of race, religion, sex, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, pregnancy or maternity or other applicable legally protected characteristics. Unless otherwise agreed, we will communicate with job applicants using Deel-specific emails, which include @deel.com and other acquired company emails like @payspace.com and @paygroup.com. You can view the most up-to-date job listings at Deel by visiting our careers page. Deel is an equal-opportunity employer and is committed to cultivating a diverse and inclusive workplace that reflects different abilities, backgrounds, beliefs, experiences, identities and perspectives. Deel will provide accommodations on request throughout the recruitment, selection and assessment process for applicants with disabilities. If you require accommodations, please inform our Talent Acquisition Team via this link and a team member will be in touch to ensure your equal participation. If you have difficulty accessing the form, please email at recruiting@deel.com. As part of our hiring process, we primarily rely on interviews and role-related assessments. In limited cases, we may also consider informal background information relevant to the role, in line with our privacy and fairness obligations. This application process does utilise Automated Employment Decision Tools (AEDT) and AI systems to assist in evaluating candidates based on experience level, technical skills and qualifications. As a fully remote company, we also utilise AI-powered deepfake and fraud detection technologies to verify the authenticity of candidate identities and interactions during assessments and interviews. This processing is conducted in compliance with applicable Data Protection, AI Governance and Labour Laws. We ensure human oversight is maintained in all final hiring decisions. Your personal data is not used to train AI models. For more information on how we process your personal data, please see our Privacy Policy. - For NYC Residents: In accordance with NYC Local Law 144, an independent bias audit has been conducted on AEDT; results are available at Ashby, Covey.