Sr. Cyber Security Platform Engineer DNS

NBC Universal Englewood Cliffs , NJ 07632

Posted 3 months ago

Responsibilities

Join NBCUniversal Cyber Security and help us design and implement DNS and related network security services that enable and protect the experience of our businesses.

This role is a part of the Cyber Security Platforms team, responsible for network security technology that supports the entire NBCUniversal enterprise. You'll be responsible for design and engineering of DNS and related network security services that provide visibility and defend the network at all layers.

You'll:

  • Provide secure design and engineering guidance for Infoblox Grid infrastructure focused on delivering DNS services to the Enterprise.

  • Monitor the DNS service for all aspects of reliability and performance. Leverage metrics to appropriately scale and roadmap the service.

  • Work with development teams to design automation of self-service and repeatable DNS functions utilizing the Infoblox API.

  • Work closely with the NBC Universal Cyber Defense Organization to glean valuable information security insights from DNS activity and other log data.

  • Work to improve adjacent network services like DHCP, IPAM, Cloud Security and infrastructure orchestration.

  • Improve namespace design and utilization by creating logical domain and DNS zone standards.

  • Serve as an escalation point for DNS service-related incidents and a resource for information security incidents where DNS data or configuration is useful in the incident response process.

Qualifications/Requirements

  • A deep understanding network security principles and how to apply them in the DDI space.

  • Minimum 3 years' experience designing and implementing Infoblox DDI in large enterprises with a complex networks.

  • Experience integrating corporate DNS (and other DDI) services with cloud DNS like Route 53 and Azure DNS.

  • Experience tuning 3rd party recursive DNS service security features to reduce false positives and meet the needs of the business.

  • Experience migrating DNS services to or from Microsoft DNS and expert knowledge of how that impacts an Active Directory domain.

  • An understanding of how to utilize the Infoblox API to configure, manage or pull data from a grid.

  • Ability to read and write basic logic in any scripting or programming language to manipulate data or communicate with an API.

  • A thirst for improvement and an inclination to thoughtfully challenge the status quo.

  • Desire to try things and iterate on them, fail fast, and focus on functionality that matters.

  • Leverage data to drive design and risk decisions using various sources and basic analytics to create clear metrics and reports.

Desired Characteristics

  • Experience managing security services or infrastructure in the media and entertainment industry.

  • Experience working with brand reputation services and leveraging external domain management.

  • Firm knowledge of ITSM tools and processes with a clear vision on how to apply service management principles to DNS.

  • A clear understanding of securing infrastructure in AWS, Azure or Google Cloud.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Platform Engineer Network

NBC Universal

Posted 2 weeks ago

VIEW JOBS 1/3/2020 12:00:00 AM 2020-04-02T00:00 Responsibilities Join NBCUniversal Cyber Security and help us design and implement network security platforms and services that enable and protect the experience of our businesses. This role is a part of the Cyber Security Platforms team, responsible for network security technology that supports the entire NBCUniversal enterprise. You'll be responsible for design and engineering of network security services that provide visibility and defend the network at all layers. You'll: * Provide secure design and engineering guidance for network tools and services including traditional and SDN infrastructure. * Improve tooling utilized to manage firewall rules sets and ensure that firewall policies reflect the risk reduction goals of the organization. * Design network security services to address security vulnerabilities and weaknesses. * Develop automation to simplify network security policy administration. * Work to improve adjacent network services like DNS, DHCP, IPAM, NTP and PKI. * Conduct security reviews of network services to drive appropriate risk reduction and best practice standards for network security controls. Qualifications/Requirements You need: * A deep understanding network security principles and how to apply them. * Solid experience with routing, switching, VPN, wireless infrastructure, load balancer technology, packet brokers and MPLS technologies. * Strong network infrastructure security skills including device hardening, firewall, IDS/IPS, SIEM, malware detection, transport and at-rest encryption. * Experience utilizing identity services to secure networks including 802.1x and SAML concepts. * A thirst for improvement and an inclination to thoughtfully challenge the status quo * Desire to try things and iterate on them, fail fast, and focus on functionality that matters * Leverage data to drive design and risk decisions using various sources and basic analytics to create clear metrics and reports. Desired Characteristics Bonus points for: * A clear understanding of securing infrastructure in AWS, Azure or Google Cloud. * Hands-on experience with Palo Alto Networks firewalls, highly segmented and transient networks, complex hybrid cloud (on-premises and cloud-native applications) ecosystems, or extremely high-performance (high-bandwidth, low-latency) network environments such as broadcast or research networks. * SDN experience including cisco ACI or VMWare NSX * Comfort with scripting or software development. NBC Universal Englewood Cliffs NJ

Sr. Cyber Security Platform Engineer DNS

NBC Universal