This position can be located in Santa Monica, CA OR Seattle
HBO’s IT Security & Compliance team is responsible for protecting the employee and IT systems of HBO, which are critical in keeping the organization and its content running.
Our mission is very broad and our team is small and agile. Whether engineering a system to address a technical security hurdle, protecting our customers' data, or consulting on a wide range of security topics, you will be empowered to engage and lead cross-functionally.
We are looking for a Manager to ensure that HBO content and OOTP data is secure when interacting with our products and online systems. The Manager will partner with West Coast production companies and HBO Digital Products Engineering, enabling them to make the strategic decisions they need based on authoritative security risk analysis. The Manager will act as an advisor/mentor, ensuring that we identify bugs while providing practical solutions and guidance to ensure the software is always deployed securely and effectively.
WHAT YOU'LL DO
Research and understand esoteric and custom built infrastructure to determine vulnerabilities and risks in both application and infrastructure layers
Oversee reporting, auditing and analysis goals through automation and scripting (Python, SQL etc.)
Fully investigate potential breaches or compromises
Collaborate with a broad range of technical and managerial teams in order to understand and consult on their specific area of expertise with regards to security and risk management
Understand risks presented by partnering with 3rd party entities and ability to determine and report overall risk for each engagement
Test and analyze infrastructure and software to identify flaws and risks
WHAT WE'RE LOOKING
A burning desire to grow in both engineering and security expertise
Thorough understanding of cloud based infrastructure components (SDN, compute, SaaS) with specific understanding of the security risks presented in a decentralized off premise environment.
Thorough understanding of vulnerability management in traditional physical infrastructure as well as hyper virtualized and containerized environments.
Strong working knowledge of modern social media presence and the ability to consult on secure interaction with multiple disparate social platforms with regard to privacy, password security and best practices.
Strong knowledge of incident response and forensic analysis methods on all major infrastructure platforms, such as servers and firewalls
Hands on experience with industry security tools
Demonstrated ability to work under pressure; Comfortable dealing with ambiguity and conflicting priorities.
Strong verbal and written communication skills
BS in Computer Science or a related technical field or equivalent experience
Strong grounding in information security principles
5+ years of hands-on experience leading a comprehensive security program (vulnerability management, vendor security, etc.)
Hands-on endpoint system security experience
The ability to absorb and adapt to new technologies
Strong communication skills
Strong ability to troubleshoot
Willingness to take ownership and set direction in “gray” areas