This Principal Cyber Security Engineer will partner with the Global Streaming Technology and Cyber Security organisations to ensure technology is designed and deployed securely and aligned with Cyber Security and enterprise technology strategies. The successful candidate will be joining NBCUniversal at an exciting time as we evolve our process and services. The Principal Cyber Security Engineer will be responsible for conducting end to end security and threat analysis of enterprise initiatives involving new or modified technology deployments; ensuring that they incorporate Information Security best practices and guidelines into system designs.

At the forefront of safeguarding our cloud infrastructure and applications, this role ensures robust security measures, incident response, and continuous improvement. Design, implement, and maintain secure cloud-based infrastructure and applications, and secure configurations across GCP and AWS to ensure Sword remains secure and HIPAA- and GDPR-Compliant. Monitor cloud environments for security threats, vulnerabilities and misconfigs, and respond promptly to security breaches.

Lead Cybersecurity Architect role, involves leading compliance efforts, designing and managing secure communication protocols, and providing security input to various teams. Requires collaboration with firmware, software, and systems teams to develop complex end-to-end architectures. The ideal candidate will perform risk assessments and deal with security across the entire stack in an "AI-driven" company focused on innovation.

Serve as a trusted security advisor for assigned customers, acting as the key technical point of contact. Manage and clearly explain security incidents identified by our Security Operations Center (SOC). Provide timely and effective incident response support during cybersecurity events (no on-call duty). Deliver cybersecurity best practices to both technical and non-technical stakeholders.

Champion enterprise-level compliance initiatives and embed regulatory excellence across our operations. Lead the development and execution of scalable compliance programs that align with business goals, regulatory obligations, and audit requirements. Play a critical role in supporting PCI (DSS, PIN, P2PE, MPoC), and SOC 2 initiatives while cultivating a culture of proactive compliance and risk management.

You will develop and establish a secure Software Development Life Cycle (SDLC) for all development teams of the group – pragmatic, automated and in close coordination with Engineering. Responsible for end-to-end Vulnerability Management: from identification to context analysis, prioritization and technical evaluation to coordinated remediation with Engineering. You will also establish and monitor coding standards for secure development and implement them through enablement, playbooks and code reviews.