M+E Technology Job Board

Senior Analyst – Information Security

  • Full Time
  • Hollywood, CA
  • Applications have closed

Paramount Pictures

Overview and Responsibilities

Paramount Pictures Corporation (PPC), a global producer and distributor of filmed entertainment, is a unit of Viacom (NASDAQ: VIAB, VIA), a leading content company with prominent and respected film, television and digital entertainment brands. Paramount controls a collection of some of the most powerful brands in filmed entertainment, including Paramount Pictures, Paramount Animation, Paramount Vantage, Paramount Classics, Insurge Pictures, MTV Films, and Nickelodeon Movies. PPC operations also include Paramount Famous Productions, Paramount Home Media Distribution, Paramount Pictures International, Paramount Licensing Inc., and Paramount Studio Group.

The Sr. Analyst role requires a very motivated / goal driven individual with strong interpersonal, communication and organizational skills. Must be detail oriented, with a strong work ethic, able to work with minimal supervision. The job role also requires an individual who will act as a technical liaison with groups within and outside of Media and Technology Services (MTS). The Sr. Analyst’s primary job role is to reduce risk to Viacom Information and Information Systems through the understanding and use of various data security technologies, applications, methodologies and industry standards.

Responsibilities may include, but are not limited to:

Performing vulnerability scans, including analysis and coordinating remediation
Conducting anomaly detection analysis and coordinating remediation
Conducting intrusion detection analysis and coordinating remediation
Participating in the planning and implementation of Viacom Information Security projects
Participating in the review of projects, business units, and vendors to identify Information Security concerns
Assist in performing risk evaluations and penetration assessments
Supporting the company’s risk management program in a manner that fulfills strategic goals of the organization while complying with local, state and federal laws and accreditation standards
Proactively identify creative risk solutions to enhance data security throughout the enterprise
Participate in matters related to video content security and anti-piracy
Assist in development of procedures and related guidelines

Basic Qualifications

5+ years in IT related field and 2+ years of full time Information Security Technical Program management experience.

Vulnerability scanning, intrusion detection, anomaly detection and associated technologies
Tools, techniques and standards used to conduct network penetration testing of assets in a Windows, Unix and Linux platform
Tools, techniques and standards used to conduct application penetration testing for applications that support but not limited to Java, JBoss, PHP, WebDev
Layer 2, 3 and 4 infrastructure designs and functionality
UNIX, Linux and FreeBSD and associate hardening best practices
The latest hacking techniques and appropriate countermeasures.
Firewalls, rule base analysis, stateful inspection, encryption and associated algorithms
Common threat methodologies such as Sans and OWASP
SQL, MySQL, Oracle and associated hardening best practices
Experience of cloud security technologies and security best practice.
Able to read, understand and interpret at least two of the following:

Packet captures
Regex expressions
Firewall Rules
Access Control lists

Travel domestically and internationally if required and with short notice.
Must be reliable and available 24/7.

BA/BS degree or equivalent preferred

Additional Qualifications

Working knowledge of Information Security Policies and their development

Recognized security qualifications are desirable CISSP ENCE, GCIH, GCIA, CISM, ITIL

Technical – Functional knowledge of the following applications, technologies and protocols:

Threat analysis including vulnerability scanning, intrusion detection, and log analysis.
Operating system hardening best practices
LDAP
Familiarity with threat methodologies such as SANS and OWASP
Familiarity with common database platforms (SQL, Oracle, MySQL, etc.)
Endpoint security
Data leakage prevention
Wireless security
Mobile device security
Knowledge of industry standard audio and video file formats and transmission protocols