Incident Response Engineer II

Location: Burbank, CA
Date Posted: 02-20-2019
Are you interested in being part of the rapidly evolving entertainment industry, helping to continue bringing blockbuster films to audiences like the Harry Potter series and Wonder Woman as well as hit television shows such as Ellen and The Big Bang Theory? Do you want to design, implement, and operate a risk management program that drives the effective and efficient risk assessment, treatment, and acceptance processes intended to help technology functions identify and mitigate strategic, privacy, technical, and information-security related risks? Do you enjoy identifying and assessing the technical risks associated with large-scale systems implementations and helping to identify solutions toward mitigating those risks? If so, this is the right opportunity for you!

The Information & Content Security department provides industry leading security controls and risk management services to all corporate businesses globally. The teams within Information & Content Security focus on Security Awareness; Architecture; Policy & Compliance; Risk & Vulnerability Management; and Security Operations & Incident Response.

We are seeking an Information Security Engineer II, Emergency Ops Response (EOR) for the Information & Content Security: Security Ops & IR department. This position provides technical support to the Security Incident Response Team (SIRT). Primary responsibilities include coordinating with security operations center (SOC) staff to assess and triage events for potential escalation, responding to incidents, managing vendors providing technical incident response services, providing network and system forensics in support of investigations, and assessing tools and services to be used in security incident response activities. Lastly, this position will plan and conduct Red Team activities within our networks in order to test the effectiveness of detection controls and SOC operations.
Your core priorities will be to:  
  • Security Incident Response:
    • Assessing and triaging potential security incidents.
    • Responding to high impact security incidents.
    • Intrusion detection and malicious software analysis.
    • Windows and Unix security vulnerability assessments and penetration testing.
    • Network perimeter device and system log analysis.
    • Programming and scripting using Python, Linux shell scripts, regex, etc.
    • Maintenance of information security services.
    • Research product and technical data for ongoing projects.
  • Propose and implement penetration testing activities in support of Red Team Initiatives.
  • Participate in projects, planning, controlling, executing and closing assigned projects to produce required deliverables.
  • Bachelor’s degree in Computer Science, Engineering or related discipline preferred.
  • Two security certifications required (GSEC, GPEN, GWAPT, GCIH, GCIA, GCFA, GCUX, GREM, GSNA preferred).
  • CISSP or equivalent preferred.
  • Minimum five (5) years of experience in Information Security.
  • Minimum five (5) years of experience with TCP-based networking.
  • Three (3) years of Unix and Windows system administration preferred.
  • UNIX, C, HTML, PERL and CGI programming experience is required.
  • Experience with Intrusion Detection Systems required (Snort, Bro preferred).
  • Experience with firewalls required (Palo Alto, Netscreen, Juniper and Cisco preferred).
  • Experience with Security Incident Response is required.
  • Experience with Security Risk Management is required.
  • Experience in Linux system administration is required.
  • Experience with Windows system administration is required.
  • Understanding of commonly used protocols and services is required (e.g. SSL, DNS, TCP/UDP, WWW, FTP/SFTP, NTP, Telnet, NFS, SSH, LDAP, etc.).
  • Understanding of networking hardware (routers, switches, and load-balancers), particularly Brocade/Foundry and Cisco products, is required.
  • Understanding of network protocols and architecture (TCP/IP, ATM, WAN, Bridges, etc.) is required.
  • Understanding of virtual networking hardware including VMware vSphere, ESX preferred.
  • Experience with securing cloud-based solutions is desirable (e.g. Amazon AWS, Azure, Level 3, Akamai, etc.).
  • Experience securing remote operating systems and applications is preferred.
  • Experience with version control systems is preferred.
  • Experience in three or more information security domains is required.
  • Experience with media, production and post production digital media systems and services is preferred.
  • Experience with on-line and mobile gaming systems is preferred.
  • Strong project management skills, including project planning, project design, resource allocation, utilization analysis, etc., are required.
  • Strong client management and communication skills are required.
  • Must possess the ability to meet deadlines and manage personnel in an efficient manner, required.
  • Must be able to effectively manage a number of projects and priorities in parallel, required.
  • Working knowledge of networks and data center standards and procedures, required.
  • Must be able to communicate effectively and tactfully with all levels of personnel, both in person and on the telephone.
  • Must be able to pay close attention to complex detail and understand written and oral instructions.
  • Must be able to organize and schedule work effectively.
  • Must be able to work well under time constraints.
  • Must be able to handle multiple tasks with changing priorities, communicating changes in scope and schedule to all parties concerned.
  • Must be service-oriented.
  • Must be able to work independently.
  • Must be able to work flexible hours, including possible overtime, when necessary.
  • Must be able to maintain confidentiality.