Staff Cloud Security Engineer (r50029871)

Staff Cloud Security Engineer

Under the FOX banner, we produce and distribute content through some of the world's leading and most valued brands, including: FOX News Media, FOX Sports, FOX Entertainment, FOX Television Stations and Tubi Media Group. We empower a diverse range of creators to imagine and develop culturally significant content, while building an organization that thrives on creative ideas, operational expertise and strategic thinking.

Job Description

The Staff Cloud Security Engineer will play a key role in embedding security into FOX Corporation's consumer application development lifecycle. This is a hands-on technical position responsible for implementing and maintaining cloud security controls that protect FOX's critical digital platforms and services. You will collaborate directly with engineering, product, infrastructure, and data teams to ensure secure design and operations across a diverse cloud ecosystem.

A Snapshot Of Your Responsibilities

• Embed with consumer application development teams across FOX Corporation
• Attend businesses' product, development, and infrastructure meetings
• Assess engineering changes, ensuring designs adhere to best practices
• Manage cloud resource access for engineering, product, and data science teams
• Manage and implement cloud security tooling as necessary
• Build automation and tools for security fixes and policy enforcement
• Develop and deploy security controls and monitoring systems to detect and prevent security threats, intrusions, and vulnerabilities
• Participate in incident response, penetration tests, and vulnerability triage
• Identify and deprecate overly broad permissions, while maintaining system stability
• Configure CDN resources to mitigate web-based attacks and denial-of-service events
• Implement secure access methods specific to each service or application as required by the FOX Security Architecture team
• Manage teams' usage of secure access resources to ensure appropriate access grants and effective monitoring
• Ensure secure configurations of all cloud computing, distributed systems, and DevOps tooling
• Facilitate and coordinate efforts for timely upgrades for operating systems, docker images, and application code library versions
• Design, implement, and maintain secure infrastructure components in accordance with industry best practices and regulatory requirements
• Engage with key stakeholders within our organization to streamline the implementation of security-related projects
• Proactively communicate with stakeholders and developers

What You Will Need

- 9+ years of experience in cybersecurity with a focus on cloud infrastructure security

- Deep understanding of cloud security architecture (AWS preferred) and network security

- Hands-on experience with SIEM, WAF and DDOS prevention tools

- Infrastructure as Code (IaC) Security

- Secure secrets management

- Familiarity with encryption, data protection

- Strong understanding of secure development processes and securing CI/CD pipelines

- Building tools and automation with languages such as Python, Golang, Ruby, Javascript

- Strong background in Linux administration

- In-depth knowledge of DNS secure architectures and monitoring methods for high performance, high availability web applications

- Great understanding of modern cloud technology components and deployment pattern such as containers, Kubernetes, infrastructure as code, etc

- Strong familiarity with OWASP Top 10, NIST CSF, SLSA Framework, and Zero-Trust

- Experience performing threat models and risk assessments

- Familiarity with compliance and privacy regulations such as SOX and GDPR

- Excellent communication and problem solving skills with proven ability to collaborate effectively with technical and non-technical stakeholders

Nice To Have, But Not A Dealbreaker

- Security certifications (AWS, Kubernetes, CISSP, etc.)

- Experience in media or streaming environments