Engineer, Security-1

Warner Music Group - New York, NY4.2

Full-timeEstimated: $120,000 - $150,000 a year
Save
Skills
With its broad roster of new stars and legendary artists, Warner Music Group is home to a collection of the best-known record labels in the music industry including Asylum, Atlantic, Big Beat, Canvasback, East West, Elektra, Erato, FFRR, Fueled by Ramen, Nonesuch, Parlophone, Reprise, Rhino, Roadrunner, Sire, Warner Records, Warner Classics, and Warner Music Nashville; Warner Chappell Music, one of the world's leading music publishers, with a catalog of more than one million copyrights worldwide.

For more than four decades, WMG has been an industry-leading force in providing a world-class array of services designed to help artists and labels grow their careers and their businesses. Artist & Label Services is the umbrella for WEA (Warner-Elektra-Atlantic) – the pioneering WEA distribution and marketing network – and Alternative Distribution Alliance (ADA) – the groundbreaking global distribution company for independent artists and labels.

Job Title: Security Engineer

A little bit about our team:
Global team of dynamic, creative and collaborative problems solvers working together to build highly secure and scalable solutions to drive innovation and operational excellence. This represents a technical and experienced position in the IT organization. This position will be called upon to represent IT organizations by internal and external organizations. An individual in this position is responsible for making the production systems more reliable by performing day-to-day operations including system monitoring, troubleshooting, problem identification, resolution and restoral following established and documented procedures and with minimal direction. This group is the digital thought and technology collective working with world class creative Media & Entertainment executives and their teams; acting as the trusted operators and strategic partners with them to deliver the best possible outcomes.

Why this could be your next big break:
This is an opportunity to move the needle and make a significant impact within a large global enterprise. Responsibilities include coordinating projects and resources as new business offerings and technologies are developed and implemented within Warner Music Group. Requires excellent communication and technical skills, while working closely with all business units within Warner Music Group in determining design criteria and proof of concept as they relate to each business offering. Other functionality includes acting as engineering liaison to outside engineering entities, project budget management, staffing development and vendor management. Collaborate, design and implement ideas with business leaders from whiteboard to digital delivery and be a true partner with our business leaders. Recognize that as a Service Organization we’re there to partner and steward the organization to operate efficiency, drive revenue and manage risk.

Here you’ll get to:
Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers
Develop security strategy plans and roadmaps based on sound enterprise architecture practices
Participate in application and infrastructure projects to provide security-planning advice
Determine and refine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
Validate security configurations, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
Perform regular vulnerability testing of enterprise services and applications, assess results, prioritize, and coordinate remediation efforts with colleagues
Ability to leverage SIEM platform for conducting forensic security investigations and identifying potential indicators of compromise (IOCs). Develop and use advanced, customized tools and scripts to enhance security assessments and proactive alerting
Review all security reports and logs for unusual or anomalous activities
Ability to perform secure application code review, and coordinate with development teams to advocate secure coding practices. Provides guidance for security activities in the system development life cycle (SDLC) and application development efforts
Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data
Review all existing and new security technologies, tools and services, and make recommendations to the broader infrastructure team
Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle
Participate in all information security related incident response activities
Stay abreast of information security events, news, trends and evolving legislative/regulatory changes

Rockstar candidates will be able to:
10+ years previous hands on network administration using the following skills:

Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
Verifiable experience reviewing application code for security vulnerabilities
Direct, hands-on experience or a strong working knowledge of vulnerability management tools
Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services

Full-stack knowledge of IT infrastructure:
Applications
Databases
Operating systems - Windows, Linux, Mac OSX
Hypervisors, Cloud Computing
TCP/IP networks - WAN and LAN
Storage networks – Fibre-Channel, iSCSI and NAS
Modern Authentication Protocols- SAML, OAUTH
Cryptography - Asymmetrical/Symmetrical encryption, hashing
Scripting – PowerShell, Python, Bash, etc.
Experience leading high profile security projects

It would be music to our ears if you also had:
Direct experience designing IAM technologies and services:
Active Directory
Amazon Web Service (AWS)
Strong working knowledge of IT Service Management (e.g., ITIL-related disciplines):
Change management
Configuration management
Asset management
Incident management
Problem management
Regulations, Standards and Frameworks
Payment Card Industry Data Security Standard (PCI-DSS)
Sarbanes-Oxley
General Data Protection Regulation (GDPR)
NIST Cybersecurity Framework (CSF)
Why join us?

Warner Music Group is all about our people. We are one global company made up of the most knowledgeable, passionate, and creative people in our business.

It is the mission of every member of the WMG team around the world to create a nurturing environment for artists, songwriters, and the people behind the music, every stage of their career. We strive to set WMG apart from the rest of the industry by embracing a philosophy of innovation that is part of our company's DNA.

Consider a career at WMG and be a part of one of the biggest forces in music today.

Love this job and want to apply?

Click the “Apply” link at the top of the page, or apply directly with your LinkedIn. Applying with LinkedIn will import all of the information you put in your profile, but will still allow you to upload a resume and cover letter.

Don’t be discouraged if you don’t hear from us right away. We’re taking our time to review all resumes, and to find the best people for WMG.

Thanks for your interest in working for Warner Music Group. We love it here, and think you will too.

Warner Music Group is an equal opportunity employer. We enthusiastically accept our responsibility to make employment decisions without regard to race, religious creed, color, age, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, marital status, medical condition as defined by state law (genetic characteristics or cancer), physical or mental disability, military service or veteran status, pregnancy, childbirth and related medical conditions, genetic information or any other classification protected by applicable federal, state or local laws or ordinances.