Security Engineer

POSITION SUMMARY
Supports solution design, implementation, configuration, security infrastructure, and application components. Focuses on core security technologies to ensure they are in compliance with security industry commonly accepted practices, internal policies, and standards. Collaborates with technology operations teams, including business groups, to ensure the technologies deployed are maintained in a secure manner.

LOCATION
Remote - US

FUNCTIONS OF THE JOB

Essential Functions: which may be representative but not all inclusive of those commonly associated with this position.

• Responds to information and cyber security incidents by analyzing logs, threat intel, and other sources of information.
• Functions as a liaison between the Technical Security team and business units to track and monitor incident response and provide status updates as needed.
• Analyzes alerts generated by various security tools to reduce false positives and increase alert effectiveness.
• Reviews audit trails for unauthorized access attempts or other information security violations.
• Conducts root cause analysis to identify gaps and recommendations to eliminate risks.
• Supports the management and tuning of security tools.
• Assists in identifying gaps in the current state of security operations and recommending ways to improve its effectiveness.
• Determines ways to automate the incident response process and implement improvements, with security engineering assistance.
• Resolves security tickets not related to incident response.
• Documents and tracks security incidents and breaches using the corporate risk tracking platform.
• Develops dashboards and metrics to monitor current state of the security operations process and technology.
• Assists with security engineering work in other security domains, vulnerability management, penetration testing, digital certificate management, and privileged access.
• Creates scanning jobs and/or assessment tasks within a variety of security tools.
• Oversees the end-to-end vulnerability life cycle from discovery to closure.
• Reviews the list of vulnerabilities and work with the application and operations teams to remediate the findings.
• Researches and provides guidance for addressing vulnerabilities, which could include system patching, deployment of specialized controls, standards, or infrastructure changes, and/or changes in development processes. Identifies and resolves any false positive findings in assessment results.
• Maintains knowledge of the threat landscape and intelligence feeds to identify and triage new threats and vulnerabilities targeting BMI.
• Serves as a point of contact on issues, dependencies, and risks related to vulnerability scanning.
• Supports compliance and risk management activities, recommends security controls, corrective and preventative actions to mitigate vulnerability risks.
• Assists with the development of dashboards and data visualizations for executive management, operations teams, and other stakeholders.
• Develops, documents and reports business-level metrics for vulnerabilities and remediation progress.
• Functions as the process manager for the vulnerability management program with the ability to identify and improve efficiency in operations.
• Manages tracking and remediation of vulnerabilities and timelines with responsible technology developers and support teams.

SKILLS AND ABILITIES
Which may be representative but not all inclusive of those commonly associated with this position.

• Strong working knowledge of IT risks, cyber security, and computer operating software.
• Proficiency in security tools and technologies, including firewalls, IDS/IPS, SIEM, and endpoint protection solutions.
• Strong analytical and problem-solving skills with the ability to analyze complex security issues.
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation of security tasks.
• High level of attention to detail and accuracy in work.
• Excellent verbal and written communication skills.
• Ability to explain technical concepts to non-technical stakeholders.
• Highest level of confidentiality.

What We Give to You:

• Health, dental, and vision insurance
• 401K with employer match
• Flexible spending accounts
• Paid vacation and paid sick/personal time
• 12 paid calendar holidays
• Paid volunteer time off
• Summer hours that offer more time for fun in the sun
• Company paid life insurance
• Up to 12 weeks paid parental leave
• Tuition assistance for qualified team members
• Commuter benefits (New York)
• Amazing and engaging culture
• Employee Resource Groups

BROADCAST MUSIC, INC. IS AN EQUAL OPPORTUNITY EMPLOYER: All applicants will receive equal opportunity for employment without regard of race, color, sex, religion, nationality, age, sexual orientation, gender identity and/or expression, veteran’s or marital status, disability, or any other cultural factor.

#LI-Hybrid