Security Assessment Engineer

Company Description Technicolor Creative Studios is a technology company working with creative companies across the world to help them produce their most iconic work. Our award‑winning teams of artists and technologists partner with the creative community across film, television, animation, gaming, brand experience and advertising to bring the universal art of storytelling to audiences around the world. We are renowned for adding visual wonder and creative expertise to the film, advertising, and entertainment industries, with some of our most famous projects including the blockbuster movies Blade Runner 2049, The Jungle Book, The Lion King and 1917, and advertising campaigns for Channel 4, Sony, and IKEA. Job Description Locations available: Canada: Toronto & Montreal France: Paris UK: London USA: LA, NY Subject matter expert in performing technical security assessments and Penetration tests on Technicolor Creative Studios assets (Studios / Networks / Applications / Pipelines / Services). Accountable for ensuring that studio and business solutions are secured against internal and external threats and hacking. Contribute to the technical operations of a global security analysis & response team dealing with security assessment of IT products and systems. Conduct information security policy enforcement while providing technical security expertise. Ensure policies, procedures, standards, and guidelines are consistently applied in all solutions, projects, and initiatives. Participate in reviewing and maintaining policies, procedures, standards, and guidelines in the area of responsibility. Provide expertise and help in troubleshooting complex cyber security and technical incidents, vulnerability management, and response. Deliver regular and consistent input and reports to support the Technicolor Creative Studios compliance, audit, and risk control teams. Work closely with and provide support to global and local IT teams ensuring proper / frequent updates to Studio Security Team Members. Explore new technologies on Technicolor applications / systems / products from a security perspective. Ensure that security operations are considered when assessing or approving new solutions. Define and / or improve the security assessment processes on Studios / Networks / Applications / Pipelines / Services scope. Contribute to estimating risk impacts of new threats and vulnerabilities. Review and address any other reported security concerns, incidents, or questions received via ticketing systems or other means. Propose subjects of internal studies on new technologies and their vulnerabilities. Qualifications University degree in Computer Engineering, Software Development, Information Systems and relevant experience in IT, CISSP, CEH are a plus. 3+ years of Pen Testing / Application, Network, System Security Assessment, Ethical Hacking Experience in the Application environment of an international corporation in a multicultural environment Knowledge of Security Management standards such as OWASP, NIST, ISO, and Cloud Security Alliance. In‑depth knowledge of Unix / Linux, Windows, OSX, iOS, Android, and other operating systems In‑depth knowledge of On‑Premise, SaaS, IaaS, PaaS, and hybrid IT models, and a broad understanding of networking protocols and services (SFTP, HTTP, SSH, SMB, LDAP, etc.) Prior experience in auditing or penetration testing on security tools, applications, networks, systems, or products. In‑depth practice and understanding of exploits, vulnerabilities, and network attack methods. Technical background, structured approach, ability to work with internal and external providers, autonomous in their work. Strong experience with packet analysis tools and analyzing their output (tcpdump, Wireshark, Burp Suite, Nessus, and other similar tools) Solid understanding of regular expressions, database query syntax, and scripting languages Familiar with standard industry cloud provider technologies (AWS, GCP, OCI, Azure) Knowledge of standard cloud connectivity methods and orchestration technologies Ability to learn and adapt to new technology and concepts in an evolving fast‑paced environment. Strong documentation, design, and presentation skills with the ability to create management reporting to convey business justifications, architectural designs, and workflows. Timeliness in all actions with quality consciousness towards services received and provided. Experience in analyzing, assessing, and resolving complex technology requirements, problems, and issues. Demonstrate strong consultancy and influencing skills, encouraging colleagues and teams to change established processes and achieve improvements in alignment with best practices. This profile is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities required of the employee for this job. Duties and responsibilities may change at any time, with or without notice. #J-18808-Ljbffr