Here you can create the extraordinary. Join us.
Staff Cyber Security Engineer (AI)
Location
New York
Posted
48 days ago
Salary
$125K - $155K / year
Seniority
Lead
Job Description
Staff Cyber Security Engineer (AI)
NBCUniversal
Company Description NBCUniversal is one of the world's leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our global theme park destinations, consumer products, and experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, NBC Sports, Telemundo, NBC Local Stations, Bravo, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through our powerhouse film and television studios, including Universal Pictures, DreamWorks Animation, and Focus Features, and the four global television studios under the Universal Studio Group banner, and operate industry-leading theme parks and experiences around the world through Universal Destinations & Experiences, including Universal Orlando Resort, home to Universal Epic Universe, and Universal Studios Hollywood. NBCUniversal is a subsidiary of Comcast Corporation. Visit www.nbcuniversal.com for more information. Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world. Job Description We are looking for a Staff Cyber Security Engineer to be part of our NBCU Security Architecture team, focused on emerging technologies including AI. This Staff Cyber Security Engineer will partner with the various NBCUniversal businesses, enterprise IT, and Cyber Security organization to ensure technology is designed and deployed securely and aligned with Cyber Security and enterprise technology strategies. This individual will function as a security subject matter expert with broad knowledge across various domains, embedded with engineering teams delivering solutions for NBCUniversal. Initially the primary focus will be on security controls applicable to AI systems and other emerging technologies. You must be cognizant of the wide variety of threats all systems must be protected against and developing threat models and control strategies that are fully integrated into the design, development, and operation of new and evolving technology platforms. The analysis will involve collaboration across the Cyber organization, partnership with business stakeholders, and will result in security guidance and/or mitigation requirements. Finally, you will effectively communicate the importance of key Cyber programs and services to obtain support, trust and buy-in from business and technology teams to ensure security goals are being met. Qualifications Requirements: - 8+ years of experience partnering with business and technical teams to architect secure products and maintain a secure posture throughout their lifecycle - Ability to explain common threats to components including Network, Cloud, Web and Application environments and design mitigations with context of product and business needs - Some knowledge and awareness of ML and generative AI technologies, including common security concerns and mitigations - Knowledge of best practices in the Cyber Security industry, including OWASP Top 10 and CWE/SANS Top 25 - Advanced technical knowledge in one or more security domains, with specific expertise designing complex systems and mitigating significant risk - Ability to give and receive constructive feedback in a team environment, fostering a culture of continual improvement and excellence - Willingness to provide mentorship to more junior members of the team - Strong written/verbal communication and presentation skills with the ability to tailor to both technical, and non-technical audiences - Constant learner, actively experimenting and working with new technologies with quick instincts for picking up and developing expertise in new problem domains - Experience developing and documenting security guidelines or security best practices - Excellent time management skills to appropriately prioritize multiple concurrent projects Desired Characteristics: - Formal Degree is not required, relevant experience in the above-mentioned areas prioritized - Experience performing Threat Analysis and modeling leveraging best in industry frameworks such as MITRE ATT&CK, indicating your proficiency in implementing robust security measures - Familiarity with security control frameworks such as Cloud Security Matrix, NIST CSF, CIS Critical Security Controls - In-depth knowledge of generative AI platforms such as Azure OpenAI services and various models including GPT-4, Llama, Midjourney and the underlying technologies and safety and security risks - Understanding of various data and privacy regulations, including PCI DSS, SOX, HIPAA, GDPR, CCPA - In depth knowledge of common Cloud services and platforms (IaaS, PaaS, SaaS) - A firm understanding of Cybersecurity Engineering/Operations, Incident Response, and GRC functions - Empathy for engineering teams with the ability to balance security guidelines and policies with operational needs to maintain desired end-state corporate security posture Additional Requirements: - Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence. This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks. Learn more about the benefits offered by NBCUniversal by visiting the Benefits page of the Careers website. Salary range: $125,000 - $155,000 (bonus eligible) Additional Information As part of our selection process, external candidates may be required to attend an in-person interview with an NBCUniversal employee at one of our locations prior to a hiring decision. NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or access nbcunicareers.com as a result of your disability. You can request reasonable accommodations by emailing [email protected]. For LA County and City Residents Only: NBCUniversal will consider for employment qualified applicants with criminal histories, or arrest or conviction records, in a manner consistent with relevant legal requirements, including the City of Los Angeles' Fair Chance Initiative For Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable. - Business Segment: Operations & Technology - Compensation: USD 125000 - USD 155000 - yearly
Benefits
- 401(K), 401(K) matching, Adoption Assistance, Childcare benefits, Commuter benefits, Company equity, Company-sponsored outings, Company sponsored family events, Continuing education stipend, Customized development tracks, Dental insurance, Disability insurance, Volunteer in local community, Employee stock purchase plan, Family medical leave, Fitness stipend, Flexible Spending Account (FSA), Generous parental leave, Generous PTO, Health insurance, Job training & conferences, Open door policy, Life insurance, Charitable contribution matching, Mentorship program, Paid volunteer time, Online course subscriptions available, Onsite gym, Open office floor plan, Paid holidays, Paid industry certifications, Pair programming, Paid sick days, Onsite office parking, Partners with nonprofits, Performance bonus, Pet insurance, Promote from within, Recreational clubs, Lunch and learns, Relocation assistance, Return-to-work program post parental leave, Team based strategic planning, OKR operational model, Team workouts, Continuing education available during work hours, Tuition reimbursement, Vision insurance, Wellness programs, Mental health benefits, Fertility benefits, Personal development training
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Cloud Security Specialist II
Grupo BoticárioCriamos oportunidades para a beleza transformar a vida das pessoas, e assim transformar o mundo ao nosso redor.
• Define the short-term strategy for the area in a scalable manner for the organization. • Align and set goals with teams. • Direct cloud security action plans. • Define, assess, and implement cloud security processes and solutions. • Define, manage, and develop CloudSec products. • Serve as the Information Security focal point for identifying, assessing, and mitigating cloud risks. • Plan and execute security testing on cloud infrastructure. • Provision and maintain the cloud environments that support CloudSec solutions. • Support the response to cloud security incidents. • Create, guide, document, and review cloud security processes, workflows, and guidelines. • Coordinate cloud security projects that impact the business. • Provide technical leadership to the team, promoting development and delivery of results. • Define cloud compliance and security standards for executive management. • Manage strategic partnerships and optimize the overall resilience of the environment. • Formally mentor other architects and specialists. • Actively support team hiring by participating in technical interviews.
• riferimento tecnico per Azure Monitor, Log Analytics e Azure Alerts • progettare e implementare strategie di monitoraggio endtoend per workload Azure e ibridi • configurare metriche, log, dashboard e alert allineati a modelli SRE e operational excellence • supportare i clienti nel miglioramento di availability, performance e cost management • diagnosticare problematiche complesse tramite log, metriche e telemetria distribuita • analizzare dati applicativi e di piattaforma per individuare la root cause • supportare incident response e postincident review • ottimizzare alerting, ridurre il rumore e migliorare la maturità operativa • integrare Azure Monitor con Application Insights, VM Insights, Container Insights e Network Insights • fornire linee guida su governance, RBAC, retention dei dati e ottimizzazione dei costi • collaborare con team security e infrastructure su visibilità e telemetria condivisa
Service Technician
AramarkAramark is an award-winning facilities management, foodservice, and uniform provider founded in 1959. The company serves wide-ranging industries, and its clients include K-12 schoo
Who We Are Best Beverage Equipment Service (BBES) is our owned service organization dedicated to keeping some of the most visible beverage equipment in the field running at peak performance. Our technicians are specialists, not generalists, trusted by customers to diagnose, repair, install, and maintain commercial beverage systems that power offices, hospitality, convenience retail, and foodservice environments. Backed by the resources, stability, and benefits of a Fortune 500 company, BBES technicians enjoy the autonomy of field work with the support, training, and tools needed to do the job right. The Role The BBES Service Technician is a highly skilled, field-based role responsible for servicing, installing, and maintaining commercial beverage and related foodservice equipment at customer locations. Unlike traditional service technician roles, BBES technicians dispatch directly from their homes, manage their own routes, and are expected to operate with a high level of independence, professionalism, and technical expertise. This role requires strong mechanical aptitude, comfort working across electrical, plumbing, and refrigeration-adjacent systems, and the ability to represent BBES and our customers with confidence in the field. Don’t have experience in all of these areas yet? That’s okay! If you bring curiosity, drive, and a willingness to learn, we’ll provide the training and support to help you build the skills needed to succeed What You'll Do - Receive and respond to dispatched service calls and installations within your assigned territory, dispatching directly from your home - Diagnose mechanical, electrical, and plumbing-related equipment issues and determine appropriate corrective action - Repair, refurbish, calibrate, and maintain commercial beverage equipment, including coffee, soda fountain, frozen beverage, and related systems - Perform preventative maintenance, emergency service calls, surveys, and new equipment installations - Visually inspect, test, and listen to equipment to identify malfunctions; disassemble equipment as needed to access problem areas - Replace worn or defective parts, realign and adjust components, and test equipment operation following repair - Maintain accurate and timely documentation of all work performed using company-provided mobile technology - Track maintenance, repairs, parts usage, and asset verification in company systems - Maintain service vehicle, tools, and parts inventory in a clean, organized, and safe condition - Build and maintain strong customer relationships by communicating clearly, professionally, and proactively - Operate company vehicle safely and in compliance with fleet and safety policies - Participate in overtime, on-call, or weekend service coverage as business needs require What Makes This Role Different - You take your company vehicle home and dispatch directly from your home base - Travel time is paid from when you leave your home for your first service call through completion of your drive home from your last call in the local market - You’ll receive hands-on training at our HQ when hired, plus ongoing technical training and development - You’ll work independently, but never alone; supported by experienced leadership, systems, and resources What We're Looking For Required Qualifications - High School Diploma or GED required - Prior experience performing repairs on mechanical equipment; commercial beverage, foodservice, or similar equipment experience strongly preferred - Solid working knowledge of small electrical appliances and mechanical systems - Willingness and ability to learn plumbing connections, including water sources, drainage, copper, braided, and PEX lines - Experience using common hand and power tools - Ability to use diagnostic tools, testing equipment (e.g., volt/ohm meters), and mobile technology - Strong written and verbal communication skills in English - Ability to work independently with minimal supervision and manage time effectively - Valid driver’s license with an acceptable driving record Preferred (Not Required) - Experience with soda fountain, coffee, frozen beverage, refrigeration, or foodservice equipment - Prior field service or route-based technician experience - Technical certifications or manufacturer training Physical and Work Requirements - Ability to lift, push, pull, and move equipment and materials up to approximately 75 pounds - Ability to stand, walk, bend, kneel, crouch, and work in tight or confined spaces for extended periods - Ability to work in environments with moving mechanical parts, electrical components, temperature extremes, and cleaning chemicals - Ability to safely operate a motor vehicle and comply with all safety standards - Must be able to read, write, and communicate effectively in English - Use of required uniforms and personal protective equipment (PPE) What We Offer - Company vehicle provided for work use, taken home daily - Company-issued fuel and travel card for business expenses - Paid training at our headquarters and ongoing technical development - Company-provided tools, mobile device, and technology - Competitive pay based on experience - Opportunity for overtime and additional earnings - Full suite of benefits including medical, dental, vision, life insurance, 401(k), paid time off, and more - The stability, resources, and career opportunities of a Fortune 500 organization Our Commitment At Best Beverage Equipment Service, we value skilled trades, technical curiosity, and people who take pride in doing the job right. We support equal employment opportunity and are committed to creating a workplace where all employees can thrive, grow, and do meaningful work. Job duties may change, or additional responsibilities may be assigned as business needs evolve. About Aramark Our Mission Rooted in service and united by our purpose, we strive to do great things for each other, our partners, our communities, and our planet. At Aramark, we believe that every employee should enjoy equal employment opportunity and be free to participate in all aspects of the company. We do not discriminate on the basis of race, color, religion, national origin, age, sex, gender, pregnancy, disability, sexual orientation, gender identity, genetic information, military status, protected veteran status or other characteristics protected by applicable law. About Aramark The people of Aramark proudly serve millions of guests every day through food and facilities in 15 countries around the world. Rooted in service and united by our purpose, we strive to do great things for each other, our partners, our communities, and our planet. We believe a career should develop your talents, fuel your passions, and empower your professional growth. So, no matter what you're pursuing - a new challenge, a sense of belonging, or just a great place to work - our focus is helping you reach your full potential. Learn more about working here at http://www.aramarkcareers.com or connect with us on Facebook, Instagram and Twitter.
• Design and implement secure cloud architectures, ensuring adherence to best practices and compliance requirements. • Collaborate with cloud architects and DevOps teams to integrate security controls and mechanisms into cloud environments. • Review and assess cloud infrastructure and service configurations to identify potential security risks and recommend necessary improvements. • Conduct regular security assessments, including vulnerability scanning, penetration testing, and security audits of cloud resources and services. • Identify and prioritize security vulnerabilities, misconfigurations, and compliance gaps, and provide recommendations for remediation. • Assist in implementing and maintaining security testing tools and automation scripts for continuous security assessment. • Develop and implement cloud-specific identity and access management (IAM) policies and controls to ensure appropriate access rights and permissions. • Monitor and review IAM configurations, roles, and access policies to prevent unauthorized access and privilege escalation. • Collaborate with identity teams to integrate cloud IAM with enterprise identity and access management systems. • Implement and manage cloud security monitoring tools and solutions to detect and respond to security incidents in real-time. • Establish incident response plans and processes specific to cloud environments, collaborating with incident response teams to investigate and mitigate cloud-related security incidents. • Conduct post-incident analysis and implement measures to prevent similar incidents in the future. • Ensure cloud infrastructure and services comply with relevant security standards, regulations, and industry frameworks (e.g., CIS, NIST, GDPR, etc.). • Participate in security audits, assessments, and regulatory compliance activities, working with auditors to address findings and ensure compliance. • Stay updated with evolving cloud security trends, emerging threats, and regulatory changes, and provide guidance on implementing necessary controls. • Work with Governance team to conduct training and awareness programs for cloud users, developers, and stakeholders to promote secure cloud practices and awareness of cloud-specific security risks.
