Information Security Engineer

• Governance, Risk Management, and Compliance
• Establish and maintain security policies, standards, and procedures that comply with applicable regulations (e.g., GDPR, CCPA, SOC 2, ISO 27001, PCI-DSS).
• Oversee risk assessments and audits, ensuring remediation plans are executed effectively.
• Manage vendor security evaluations and third-party risk management programs.
• Operational Security
• Oversee incident detection, response, and recovery processes to ensure rapid containment and resolution of security events.
• Implement and monitor security controls across endpoints, networks, and cloud infrastructure. This may include selecting, implementing, and monitoring security software, reviewing network settings like firewall rules and access policies, inspecting hardware and software for vulnerabilities.
• Lead vulnerability management, penetration testing, and threat intelligence initiatives.
• Awareness and Culture
• Develop and deliver ongoing security training and awareness programs for all employees.
• Champion a culture of security across departments, ensuring staff understand their role in protecting company assets.
• Mentor junior technical staff on information security best practices, operations, and technology.
• Technology and Innovation
• Partner with IT and digital teams to integrate security into technology architecture and workflows.
• Evaluate and implement advanced security tools, automation, and analytics for proactive threat management.
• Stay current with emerging threats, trends, and technologies in cybersecurity and the entertainment industry.

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 5+ years of progressive experience in information security.
• Proven experience supporting enterprise security programs, preferably in media, entertainment, or technology environments.
• Strong knowledge of cloud security, identity and access management, and data loss prevention.
• Strong knowledge of Conditional Access Policies and Device Compliance in Microsoft Entra ID.
• Experience implementing and managing SSO and SCIM configurations.
• Familiarity managing PAM solutions like Microsoft Privileged Identity Management.
• Strong programming (Python) and/or scripting skills (PowerShell/Bash)
• Familiarity with common device management tools like Intune, Jamf, Mosyle, Addigy, etc.
• Professional certifications such as Security +, Network +, CISSP, CCSP or CASP, or similar highly desired.
• Excellent communication and stakeholder management skills — able to translate complex technical risks into clear business implications.

We will not be able to support sponsorship or visas for this position at this time.