Uncubed
   

Application Security Engineer

NBCUniversal, New York, New York

Innovative, fast-paced, challenging.. we're everything you want in a workplace.

Level: Manager (Supervisor)


We are looking for an application security engineer to provide security consulting services for projects across all NBCU businesses.

The Application Security Engineer will be responsible for helping to build technical defenses of a media-industry leading, intelligence-driven organization. They will function as a technical and engineering subject matter expert for various Cyber Security areas with a focus on application security. They will partner with engineering teams across the organization to deploy and sustain secure solutions by understanding the technical aspects of business problems and applying sound security engineering knowledge and experience. A successful candidate is expected to interact effectively with Cyber Security leadership and Enterprise Information Technology teams. Finally, a successful candidate must be able to effectively communicate the importance of key programs and services within the NBCUniversal Cyber Security Organization to obtain support, trust and buy-in from the business.



•You should understand end-to-end secure development methodologies and have expertise in one or more tools/methods used to identify security flaws in applications including: Code Reviews, SAST, DAST, and/or Penetration Testing tools.
•You should have practical experience coding in one or more common programming languages (e.g., Java, Python, C#,C++,.Net, JavaScript).
•You should be able to communicate with development teams and understand the tools they use to collaborate on, build, and deploy software (i.e., version control/git, CI/CD pipelines).
•You should be able to explain security flaws detected via code reviews or tools and provide guidance on appropriate mitigations to address weaknesses.
•You should understand the proper way to apply authorization and authentication mechanisms to applications and integrations.
•You should understand and be able to explain common threats to application components including web & software applications, microservices, containers, orchestration platforms, code repositories, CI/CD pipelines, auth systems, and protocols. You should be an expert in securing one or more and be able to research the others and make recommendations.
•You should be a collaborative team member who can take and give constructive feedback.
•You should have empathy for customers and engineers when designing security requirements. You should be able to recommend security measures that are operationally feasible, but also keep our customers safe and allow the product to rapidly evolve.

•Threat modeling experience
•Experience with cloud-based application development and hosting
•Understanding of common threats to operating systems and networks
•Experience with secrets management best practices and one or more key management system tools
•Understanding of at least one major threat analysis framework, like MITRE ATT&CK.

Education/Experience
A degree is not required, but you should have strong combined experience and education in a technical, defensive, programming or cybersecurity role (i.e.: cybersecurity engineer, software engineer, etc.).

At NBCUniversal, we believe in the talent of our people. It’s our passion and commitment to excellence that drives NBCU’s vast portfolio of brands to succeed. From broadcast and cable networks, news and sports platforms, to film, world-renowned theme parks and a diverse suite of digital properties, we take pride in all that we do and all that we represent. It’s what makes us uniquely NBCU. Here you can create the extraordinary. Join us.

NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law. NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.

About NBCUniversal

At NBCUniversal, we believe in the talent of our people. It’s our passion and commitment to excellence that drives NBCU’s vast portfolio of brands to succeed. From broadcast and cable networks, news and sports platforms, to film, world-renowned theme parks and a diverse suite of digital properties, we take pride in all that we do and all that we represent. It’s what makes us uniquely NBCU.

Here you can create the extraordinary. Join us.


Be a Better NBCUniversal Candidate

Learn skills and get an insider's look at NBCUniversal when you watch classes taught by their top employees.

Want to learn more about NBCUniversal? Visit NBCUniversal's website.