Job Description
- Lead Security Efforts on the Platform: Drive and deliver security solutions across AWS cloud, container security (ECS/Kubernetes), CI/CD, and secure cloud-native architectures, ensuring compliance with standards such as PCI-DSS, ISO27001, SOC 2, NIST 800-53, and COPPA.
- Enhance Secure CI/CD: Build and improve security-related platform capabilities, including CI/CD pipelines, infrastructure, reusable templates, and automation, to enable rapid and secure deployment at scale.
- Standardize Secure Patterns: Design and implement reusable security patterns that promote best practices and compliance across engineering teams.
- Advance Secure Software Delivery: Embed security into build and design phases, emphasizing fast feedback, observability, and operational excellence.
- Collaborate Cross-Functionally: Work with SecOps, platform, and engineering teams to share knowledge and align on security goals and solutions.
- Strengthen Security Posture: Assess and improve existing security standards, practices, and controls to reduce vulnerabilities.
- Drive Compliance Automation: Develop automation strategies to enforce regulatory controls and ensure continuous compliance.
- Support Incident Response: Monitor and respond to security incidents, conduct root cause analyses, and recommend mitigation measures. Leverage tools such as AWS, Terraform, and Python to develop secure solutions that balance security with developer productivity and business needs.
- Communicate Effectively: Provide clear security updates, document solutions thoroughly, and communicate with stakeholders including engineering teams and leadership.
Qualifications
Required Experience:
- 3-5+ years of hands-on AWS security experience.
- At least 4 years managing and securing Linux systems.
- 2+ years implementing security automation and tooling (e.g., SIEM, SAST/DAST, Wiz/Orca).
- 2+ years scripting with Python for security automation.
- Practical experience with Git and automated workflows for secure development.
- Knowledge of web security best practices, including DNS, firewalls, secure APIs, and database security (PostgreSQL, MySQL).
- Proven ability to secure cloud environments and implement security controls, audits, and monitoring.
- Excellent communication skills to explain complex security concepts to diverse audiences.
- Demonstrated ability to solve security challenges through collaboration and leadership.
Preferred Qualifications:
- Experience in regulated environments (PCI-DSS, SOC 2, ISO27001).
- AWS certifications such as Security – Specialty or Solutions Architect.
- Experience with WAFs (AWS WAF, Cloudflare) and centralized logging tools (Splunk, Kibana).
- Knowledge of secure CI/CD practices and integrating compliance into pipelines.
- Experience with Infrastructure as Code tools like Terraform or CloudFormation.
- Ability to mentor engineers and share security knowledge effectively.
- Understanding of container security and orchestration (Docker, Kubernetes).
This position is fully remote, with contributions expected from an employee’s residence.
Additional Information
Applicants may need to attend in-person interviews at NBCUniversal locations. NBCUniversal is an equal opportunity employer. Reasonable accommodations are available for qualified individuals with disabilities. Employment may transition to SpinCo in the future. Qualified applicants with criminal histories will be considered in accordance with applicable laws.