Sr. Product Security - App & Cloud
Insight Global
Job Description
To exceed the expectations of our talented, creative partners, we need highly motivated, customer-focused professionals who are inspired by finding new ways to deliver world-class cybersecurity capabilities. This role is part of a team that is responsible for validating that our content creation and delivery platforms, services, applications, workflows, and websites are designed and implemented to the highest security standards. You will be responsible for assisting in the secure design and analysis of on-premises and cloud-based infrastructure and applications where studio content is produced. This is a deeply technical role, requiring a solid understanding and experience implementing a variety of cloud infrastructure solutions and services, as well as network security, identity, cyber security, privileged access, and related technologies, using solid design principles.
Your role:
- Conduct security architecture and design reviews of high-impact applications, including both internally developed applications and 3rd party managed applications.
- Lead in-depth security assessments of complex workflows spanning multiple applications, performing and/or coordinating multiple security assessment workstreams such as threat modeling, penetration testing, DAST scanning, and code review.
- Review output from Dynamic Application Security Testing (DAST) tools and provide feedback on results.
- Evaluate the security posture of cloud environments through manual review and automated tooling. Review output from Cloud Security Posture Management (CSPM) tools. Provide guidance to stakeholders on approaches to remediating identified issues.
- Conduct hands-on security testing of web, mobile applications and cloud-based services. Be capable of identifying traditional application-level issues such as injection, authentication and misconfiguration vulnerabilities, but also identify vulnerabilities that lead to bypass of security controls.
- Participate in proof of concepts and other technical evaluations of technologies, designs, and solutions and provide security requirements and recommendations.
- Partner with various teams across the organization to influence sound strategies to define our practice, disciplines, and products.
- Threat Intelligence: Stay up to date with the latest security threats, vulnerabilities, and industry trends. Leverage threat intelligence to proactively enhance security measures.
- Security Awareness: Promote security awareness and training, educating developers and operations teams about secure coding, configuration management, and other security-related topics.
- Remain current on industry trends in cyber risk with industry standards (ISO 27001/2, NIST, CIS), regulatory requirements, and certification on common toolsets used in the company.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/
Skills and Requirements
- 3 to 5 years of experience in cybersecurity and cloud infrastructure engineering/architecture with BS degree in Information System Management / Computer Science / Information Security or a related technical discipline.
- In-depth knowledge of public cloud such as AWS, Azure and GCP. Experience with securing AWS workloads is required.
- Proven ability to analyze and assess complicated application architectures and workflows to identify risk.
- Significant penetration testing experience and offensive capabilities in numerous core competency areas including web applications, mobile applications, networks, cloud and infrastructure.
- Detailed understanding of network technologies including routers, switches, load balancers, firewalls, proxies, etc.
- Familiarity with identity and access management integrations (such as Active Directory, Okta, Auth0, SAML, OIDC).
- Knowledge of RESTful web services (client-server application).
- Familiarity with CI/CD principles, tools and services. Hands-on experience implementing SAST, DAST, SCA tooling is a plus.
- Experience securing a microservices environment, along with demonstrable knowledge of container technologies such as Kubernetes and Docker and securing such environments.
- Experience with one or more programming or scripting languages, e.g. PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc.
- Proven experience securing large-scale, highly available security solutions is required.
- Relevant security certifications such as OSCP, ISC2 CISSP, AWS Certified Security - Specialty, SANS, CEH, etc. are a major plus.