Nordic Entertainment Group  logo

Nordic Entertainment Group Stockholm Heltid

DevSecOps Engineer

Detta jobb är inaktivt och går inte att söka längre.

About the job

NENT is a highly innovative and technology driven organisation with a large content portfolio and a track record of building and operating international media platforms including Viaplay, Viafree and Viasat. As a consequence, NENT maintains a solid information and IT security intrusion and content protection platform to support, manage and mitigate cyberrisk, technical resilience and performance of our businesses. We are therefore looking for a Platform Security Engineer to drive our Information Security Program and to support the resilience and performance across the group, with a clear focus on the above-mentioned media platforms.  

The Position  

The DevSecOps Engineer is responsible for the development, maintenance and oversight of the security program across NENT Groups media platforms (such as Viaplay, Viafree, etc.); and communicates strategies, policies and guidelines. The role makes security effortless for our different platforms. As part of this team, you will be performing security engineering, building advanced and novel detective and preventive controls, developing systems to automate remediation and advise product and infrastructure teams on how to keep our platforms safe. It is a group wide responsibility that predominantly span our streaming and content businesses. The Platform Security Engineer works independently across the organisation, in a collaborative spirit and reports to the VP Technical Operations. The daily work includes close collaboration with Product & Engineering colleagues with whom she or he will execute information security audits, support related incident management and continuous platform improvements.  

 Additional Typical Tasks  

  • Improve the applications following your findings after conducting security assessments and audits, architecture reviews and threat modeling of the application stack 
  • Proactively dive into existing code base to find chain of exploit and improve our overall security posture 
  • Conduct penetration testing in collaboration with the Product & Engineering teams. 
  • Introduce new controls into the infrastructure platform that improves our defense in depth 
  • Assist and support engineers in developing secure systems contributing to the spread of secure patterns and practices 
  • Partner with cross-functional Product and Engineering teams to deliver widely impactful security initiatives 
  • Demonstrate excellent judgement in prioritizing security efforts to mitigate the appropriate risks 
  • Perform information and IT security training sessions (e.g. e-learning). 
  • Provide investigative support regarding cyberattacks.  
  • Analyze, assess, and respond to security threats or enable other teams to do so 
  • Design, build and optimize detective, preventive controls and automated response solutions 
  • Communicate and collaborate effectively with stakeholders 
The challenge ahead  

We are facing an exciting transformation. We are planning to expand our Information and IT Security area with agile practices to make it easier to continuously adapt to the ever-changing environment of the streaming industry. With the acceleration of our product development practices, our Information and IT Security area must adopt strategies that meet increased throughput and embed these applying Secure development lifecycle practices . Such flexibility should, amongst other things, empower developers to focus on product delivery without compromising acceptable organizational risk.   

We see that you in the role as our DevSecOps Engineer will help us investigating the possibility of becoming more agile in these practices. This way of working entail the following areas: 

  • Flow - the need for continuous participation versus discrete control points  
  • Fostering a delivery mindset - educating and advocating for cyber security based on  agile principles  
  • Cyber automation – investment in strategic automation to ensure the longevity of security programs within the organization.   
  • Cyber telemetry - the need for cyber security insight along the software lifecycle  
  • Cyber-debt management - the responsible management of cyber security trade-offs  
  • Expanded vision - securing an expanding infrastructure    
What we are looking for  

We are looking for someone with extensive hands-on experience from cyber security and data protection roles, who is used to coordinating vast information and IT security programs across large technology environments. You possess a deep technical competence and can translate best-practice theories into sustainable operational results. You have a strong drive and passion to reach results, preferably within streaming or similar type of industries. We see that you either have experience of working in an environment where agile principles are at the forefront and where you are used to embed requirements in a seamless manner, or that you have experience from a rapid moving organisation that is facing similar challenges that we do regarding adapting security practices to a business that moves rapidly and change constantly.  

General skills include:  

  • Master of science or other relevant degree  
  • Experience or knowledge about agile practices in an Information and IT Security domain  
  • Related professional qualifications (E.g. Certified Information Security Manager ‘CISM’)  
  • Communication and presentation, to be both the subject matter expert and advocate for risk management in the group’s product and technology management   
  • Policy development and administration  
  • Planning and strategic management  
  • Experience of working in a fast moving, technology driven organization 
  • Strong self-leadership, people-positive and conflict resolution  

Bonus requiremens: 

  • Experience working in a company developing digital consumer products 
Join us today  

Our HQ is in Stockholm, but our market is the Nordics. You will become part of an amazing company with great people, content and culture. If this feels like your kind of challenge, please apply and attach your CV and cover letter. If you have any questions, please don't hesitate to contact our recruiter Max Moen at max.moen@nentgroup.com.  

Nordic Entertainment Group AB (publ.) (NENT Group) is committed to equality and diversity and we welcome applications from all qualified individuals regardless of ethnicity, religion, age, gender, sexual orientation, disability, and marital status. We want to make sure your recruitment experience is the best it can be – so, if you’re selected for an interview, please let us know if there are any adjustments we can make that would be helpful for you.  

Nordic Entertainment Group AB (publ.) (NENT Group) is the Nordic region’s leading entertainment provider. We entertain millions of people every day with our streaming services, TV channels and radio stations, and our production companies create content that is experienced around the world. We make life more entertaining by telling stories, touching lives and expanding worlds – from live sports, movies and series to music and original shows. Headquartered in Stockholm, NENT Group is listed on Nasdaq Stockholm (‘NENT A’ and ‘NENT B’). 

 

 

  • Perk: New technologies New technologies
  • Perk: Team work Team work
  • Perk: Hackathon Hackathon
  • Perk: Wellbeing allowance Wellbeing allowance
  • Perk: Competent and fun colleagues Competent and fun colleagues
  • Perk: Parental leave premium Parental leave premium
Who are we

Streaming services, radio networks, TV and production companies. It's our mission to create compelling stories that reach beyond media outlets and touch people's lives.

Bild #0 - Nordic Entertainment Group
Bild #1 - Nordic Entertainment Group
Bild #2 - Nordic Entertainment Group
Bild #3 - Nordic Entertainment Group
Bild #4 - Nordic Entertainment Group

Uptrail AB • Katarinavägen 15, 116 45 Stockholm
© 2014-2021