Full-Time Sr Staff Cyber Security Engineer

We are seeking a Sr. Staff Cyber Security Engineer to join our NBCU Security Engineering team. This role will collaborate with various NBCUniversal businesses, enterprise IT, and the Cyber Security organization to ensure secure technology design and deployment aligned with Cyber Security and enterprise strategies. This is an exciting time for evolution and process improvement.

The Sr. Staff Cyber Security Engineer will conduct end-to-end security and threat analysis of enterprise initiatives, incorporating Information Security best practices. This includes system design, collaboration with the Cyber organization, and partnership with business stakeholders.

Key responsibilities include:

• Providing security guidance and mitigation requirements.
• Communicating the importance of Cyber programs and services to gain business support.

Basic Requirements:

• 10+ years of experience in architecting and delivering Cyber solutions with business and technical teams.
• 10+ years of experience consulting business teams on threat mitigation best practices across technical areas (Perimeter Security, Application Security, Core Systems, EDR, Cloud, etc.).
• Ability to explain common threats to network, cloud, web, and application environments.
• Advanced technical knowledge in at least one Cyber security area (e.g., network, application, cloud).
• Understanding of Cyber security best practices (OWASP Top 10, CWE/SANS Top 25).
• Strong written/verbal communication and presentation skills, adaptable to technical and non-technical audiences.
• Experience developing and documenting security requirements, guidelines, or best practices.
• Experience with diagramming tools for secure designs and controls.
• Excellent time management and prioritization skills for multiple concurrent projects.
• Empathy for engineering teams to balance security and operational needs.

Desired Characteristics:

• Experience with Threat Analysis and modeling using frameworks like MITRE ATT&CK.
• Familiarity with security controls such as Cloud Security Matrix, NIST CSF, CIS Critical Security Controls.
• Understanding of data and privacy regulations (PCI DSS, SOX, HIPAA, GDPR, CCPA).
• In-depth knowledge of cloud services (IaaS, PaaS, SaaS).
• Experience in Cybersecurity Engineering/Operations, Incident Response, and GRC.
• Security assurance experience with mergers, demergers, or acquisitions.
• Ability to evaluate threats and security gaps, assisting stakeholders in understanding associated business risks.

Additional Requirements:

• Fully Remote Position
• Eligible for company-sponsored benefits (medical, dental, vision, 401(k), paid leave, tuition reimbursement, and perks).
• Salary range: $145,000 - $175,000 (bonus eligible).
• Ongoing applications accepted.
• External candidates may be required for in-person interview.
• Equal Opportunity Employer.
• Reasonable accommodations for qualified individuals with disabilities.
• LA County/City residents: Consideration of applicants with criminal histories, in compliance with relevant laws (Fair Chance Initiatives).

What is the last date for applying to the job?

Which countries are accepted for this remote job?