• Senior Analyst - Information Security

    Job Locations US-CA-Hollywood
    Brand
    Paramount Pictures
    iCIMS ID
    2018-8836
  • Overview and Responsibilities

    Paramount Pictures Corporation (PPC), a global producer and distributor of filmed entertainment, is a unit of Viacom (NASDAQ: VIAB, VIA), a leading content company with prominent and respected film, television and digital entertainment brands. Paramount controls a collection of some of the most powerful brands in filmed entertainment, including Paramount Pictures, Paramount Animation, Paramount Vantage, Paramount Classics, Insurge Pictures, MTV Films, and Nickelodeon Movies. PPC operations also include Paramount Famous Productions, Paramount Home Media Distribution, Paramount Pictures International, Paramount Licensing Inc., and Paramount Studio Group.

     

     

    The Sr. Analyst role requires a very motivated / goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with minimal supervision. The job role also requires an individual who will act as a technical liaison with groups within and outside of Media and Technology Services (MTS). The Sr. Analyst’s primary job role is to reduce risk to Viacom Information and Information Systems through the understanding and use of various data security technologies, applications, methodologies and industry standards.

     

    Responsibilities may include, but are not limited to:

    • Performing vulnerability scans, including analysis and coordinating remediation
    • Conducting anomaly detection analysis and coordinating remediation
    • Conducting intrusion detection analysis and coordinating remediation
    • Participating in the planning and implementation of Viacom Information Security projects
    • Participating in the review of projects, business units, and vendors to identify Information Security concerns
    • Assist in performing risk evaluations and penetration assessments
    • Supporting the company’s risk management program in a manner that fulfills strategic goals of the organization while complying with local, state and federal laws and accreditation standards
    • Proactively identify creative risk solutions to enhance data security throughout the enterprise
    • Participate in matters related to video content security and anti-piracy
    • Assist in development of procedures and related guidelines

    Basic Qualifications

    • 5+ years in IT related field and 2+ years of full time Information Security Technical Program management experience.
      • Vulnerability scanning, intrusion detection, anomaly detection and associated technologies
      • Tools, techniques and standards used to conduct network penetration testing of assets in a Windows, Unix and Linux platform
      • Tools, techniques and standards used to conduct application penetration testing for applications that support but not limited to Java, JBoss, PHP, WebDev
      • Layer 2, 3 and 4 infrastructure designs and functionality
      • UNIX, Linux and FreeBSD and associate hardening best practices
      • The latest hacking techniques and appropriate countermeasures.
      • Firewalls, rule base analysis, stateful inspection, encryption and associated algorithms
      • Common threat methodologies such as Sans and OWASP
      • SQL, MySQL, Oracle and associated hardening best practices
      • Experience of cloud security technologies and security best practice.
    • Able to read, understand and interpret at least two of the following:
      • Packet captures
      • Regex expressions
      • Firewall Rules
      • Access Control lists
    • Travel domestically and internationally if required and with short notice.
    • Must be reliable and available 24/7.
    • BA/BS degree or equivalent preferred

    Additional Qualifications

    Working knowledge of Information Security Policies and their development

    Recognized security qualifications are desirable CISSP ENCE, GCIH, GCIA, CISM, ITIL

    Technical – Functional knowledge of the following applications, technologies and protocols:

     

    • Threat analysis including vulnerability scanning, intrusion detection, and log analysis.
    • Operating system hardening best practices
    • LDAP
    • Familiarity with threat methodologies such as SANS and OWASP
    • Familiarity with common database platforms (SQL, Oracle, MySQL, etc.)
    • Endpoint security
    • Data leakage prevention
    • Wireless security
    • Mobile device security
    • Knowledge of industry standard audio and video file formats and transmission protocols

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed