Platform Operations Engineer II

Summary

Join NBC Sports Next and lead security efforts on our platform, driving and delivering security solutions across AWS cloud, container security, CI/CD, and secure cloud-native architectures. Enhance secure CI/CD pipelines, infrastructure, and automation. Design and implement reusable patterns promoting security best practices and compliance. Promote secure delivery practices by embedding security in the build and design phases. Collaborate with SecOps, platform teams, and engineering teams. Assess and improve existing security standards to reduce vulnerabilities. Develop automation strategies to enforce regulatory controls. Collaborate on incident monitoring and response, conduct Root Cause Analysis, and recommend mitigation measures. Utilize AWS cloud knowledge, Terraform, and Python to develop secure solutions. This fully remote position offers the opportunity to be part of an exciting new company as it takes shape.

Requirements

• AWS Expertise: 3-5+ years of hands-on experience with AWS, with a strong focus on security best practices
• Linux Proficiency: Minimum of 4 years of experience managing and securing Linux systems
• Security Automation & Tooling: 2+ years of experience implementing security automation and integrating security tooling (e.g., SEIM, SAST/DAST, WIZ/ORCA, or other)
• Automation/Scripting: 2+ years of experience with Python for automation and scripting in a security/DevSecOps context
• Git and GitOps: Practical experience and comfortable using Git and automated workflows for developing code securely
• Web Security Knowledge: Familiarity with web security best practices, including DNS, firewalls, secure APIs, and database security (e.g., PostgreSQL, MySQL)
• Cloud Security: Proven ability to secure cloud environments, including implementing and managing security controls, auditing, and monitoring
• Communication & Collaboration: Exceptional written and verbal communication skills with the ability to explain complex security concepts to technical and non-technical audiences
• Track Record of Solutions: Demonstrated ability to identify and address security challenges, delivering effective solutions through collaboration and leadership

Responsibilities

• Lead Security Efforts on the Platform: Drive and deliver security solutions across AWS cloud, container security (ECS/Kubernetes), CICD, and secure cloud-native architectures while ensuring compliance with standards such as PCI-DSS, ISO27001, SOC 2, NIST 800-53, and COPPA
• Enhance Secure CI/CD: Build and enhance security-related platform capabilities, involving CI/CD pipelines, infrastructure, reusable templates, and automation, enabling teams to deploy rapidly and securely at scale
• Standardize Secure Patterns: Design and implement reusable patterns that promote security best practices and compliance across all engineering teams
• Advance Secure Software Delivery: Promote secure delivery practices by embedding security in the build and design phases, emphasizing fast feedback, observability, and operational excellence
• Collaborate Cross-Functionally: Work closely with SecOps, platform teams, and engineering teams, fostering knowledge sharing and ensuring alignment on security goals and solutions
• Strengthen Security Posture: Assess and improve existing security standards, practices, and controls to reduce vulnerabilities and enhance the organization’s security posture
• Drive Compliance Automation: Develop automation strategies to enforce regulatory controls and ensure continuous compliance with industry standards
• Support Incident Response: Collaborate on incident monitoring and response, conduct Root Cause Analysis, and recommend measures for future mitigation
• Leverage Key Tools and Skills: Utilize AWS cloud knowledge, Terraform, and Python to develop secure solutions that balance security objectives with developer productivity and business goals
• Communicate Effectively: Deliver clear security updates, document solutions thoroughly, demo and communicate effectively with diverse stakeholders, including engineering teams and executive leadership

Preferred Qualifications

• Regulated Environments : Experience working in environments with complex compliance requirements (e.g., PCI-DSS, SOC 2, ISO27001)
• AWS Certifications : Relevant certifications such as AWS Certified Security – Specialty or AWS Certified Solutions Architect
• Web Security & Threat Detection : Hands-on experience with WAFs (e.g., AWS WAF, Cloudflare) and centralized logging stacks (e.g., Splunk, Kibana)
• DevSecOps Expertise : Strong understanding of secure CI/CD practices and integrating compliance objectives into pipelines. Integration of security tooling into a pipeline is a plus
• Infrastructure as Code (IaC) : Experience with Terraform or CloudFormation for managing secure infrastructure
• Security Mentorship : Proven ability to mentor engineers and share security knowledge effectively
• Container Security: Understanding of container security and orchestration such as Docker, Kubernetes)

Benefits

Fully Remote: This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee’s residence