NBCUniversal is one of the world's leading media and entertainment companies. They are seeking a Manager for Infrastructure Security Engineering to lead a team that designs, delivers, and operates enterprise cyber services, ensuring reliable and scalable security capabilities across the NBCU cyber infrastructure portfolio.
Responsibilities:
- Lead and develop a team of engineers responsible for building and operating enterprise cyber services; establish clear goals, provide coaching and feedback, and support career growth
- Own service delivery and contribute to multi-quarter roadmap across the cyber infrastructure portfolio pillars (e.g., network security services; endpoint/server security; vulnerability management; logging, telemetry, and SIEM integration; automation; secrets/key management; and cloud security enablement), aligning priorities to business needs and risk reduction
- Drive secure-by-design engineering practices, reference architectures, and standard patterns for onboarding new platforms and business entities, ensuring consistent control implementation and data quality across NBCUniversal
- Be accountable for reliability, performance, and lifecycle management of cyber services, including capacity planning, patching, upgrades, vendor engagement, and cost management
- Establish and maintain operational excellence: SLAs/SLOs, service health metrics, runbooks, incident response playbooks, problem management, and post-incident reviews with measurable corrective actions
- Partner with Security Operations and Threat teams on logging, telemetry, and SIEM integration to ensure detections are effective, prioritized, and continuously improved (e.g., log onboarding/integration, parsing/normalization, correlation, alert tuning)
- Collaborate cross-functionally with Architecture, Infrastructure, Cloud, and Application teams to plan and deliver integrations, migrations, and new capabilities; translate requirements into actionable engineering work
- Implement governance for security service onboarding and change management, including intake processes, technical reviews, documentation standards, and audit-ready evidence (in partnership with Risk/Compliance where applicable)
- Champion automation and Infrastructure-as-Code to improve consistency and speed of delivery (CI/CD, configuration management, and policy-as-code) across cyber infrastructure services
- Manage on-call and escalation processes for critical services, ensuring effective coverage, clear communications, and continuous reduction of operational toil
Requirements:
- 7+ years of experience in cybersecurity engineering, infrastructure/platform engineering, SRE/DevOps, or related fields
- 2+ years of engineering leadership experience (people management or technical/team leadership), including coaching, prioritization, and delivering outcomes through others
- Bachelor's Degree in Computer Science, Engineering, or equivalent experience
- Demonstrated knowledge in defense-in-depth, zero trust, segmentation, least privilege, and service hardening
- Highly collaborative and able to work across teams; strong problem-solving and analytical skills
- Demonstrated experience operating production services: SLOs/SLAs, incident/problem/change management, runbooks, post-incident reviews, and measurable reliability improvements
- Network and security perimeter services: DNS, TLS, WAF, proxies, firewalls, VPN/remote access, load balancing, and secure connectivity patterns
- Endpoint and server security: EDR concepts, OS hardening baselines, patching and vulnerability remediation workflows, and configuration compliance
- Logging, telemetry, and SIEM integration: observability tools (Datadog or similar), log source onboarding/integration, normalization/parsing, data quality, retention, correlation, and alert tuning; ability to partner with the SIEM platform and detection engineering teams to deliver actionable telemetry
- Security tooling and automation: building integrations and workflows via APIs, event-driven automation, and CI/CD enablement to reduce operational toil and standardize control implementation
- Vulnerability and configuration management: asset inventory concepts, scan coverage, exception/risk acceptance, remediation SLAs, and reporting
- Secrets and key management: KMS/HSM concepts, certificate lifecycle, rotation, break-glass access, and integrating secrets into CI/CD and runtime
- Cloud security enablement: partner with Cloud Security service team to ensure infrastructure services are supported with cloud deployment in mind
- Operating systems: Strong Linux administration; working knowledge of Windows Server for enterprise integrations
- Cloud: AWS or Azure (networking, IAM, logging, and KMS), including hybrid connectivity patterns
- Infrastructure as Code: Terraform or CloudFormation/ARM/Bicep; policy-as-code where applicable
- CI/CD and source control: Git-based workflows; pipelines such as GitHub Actions, Jenkins, or AWS CodePipeline; and secrets handling in pipelines
- Automation and scripting: Python and Bash (or equivalent) for service automation, integrations, and data processing
- Logging and SIEM platforms: Splunk (or equivalent SIEM), including log onboarding/integration, source troubleshooting, parsing/normalization, and collaboration with the SIEM platform team; log forwarders/pipelines such as Vector/Logstash and streaming via Kafka (or equivalent)
- Containers and orchestration: Docker and Kubernetes, including secure configuration and runtime considerations
- Vulnerability and configuration tooling: Experience operating vulnerability scanning and configuration compliance tools (vendor-specific acceptable), plus remediation workflow tracking
- Secrets and key management tooling: Enterprise secrets manager and KMS/HSM integration experience (vendor-specific acceptable)
- Observability: Service health monitoring, metrics, and dashboards (Datadog or similar) to support SLOs and incident response