Senior Security Engineer- Vulnerability Management (Remote)

The Information Security Engineer will focus on supporting an enterprise Vulnerability Management and Application Security program. You will apply security in-depth principles to reduce vulnerability risk for Sinclair's business units including multi-cloud and infrastructure environments. You will partner with internal stakeholders and consultants to develop security solutions to protect the confidentiality and integrity of Sinclair's sensitive data. You will also work closely with Security Operations, Network and Systems Engineering, and Software Development Teams to support an enterprise application security program.

You will be responsible for the following activities during implementation including:

Processes & Execution

• Manage processes and solutions pertaining to vulnerability management, application security, CIS/DISA benchmarks, and other security services as required.
• Provide mentorship and knowledge transfer to junior security team members.
• Excellent and well-established communication skills with an ability to effectively and professionally collaborate with company stakeholders and business partners.
• Ability to think strategically, plan methodically, and execute tactically.
• Enterprise outlook for delivering solutions and processes.
• Actively engage internal and external customers to deliver subject matter expert direction for security remediation items.
• Take ownership of professional development and training needed to excel in your role.
• Lead initiatives to develop and mature enterprise security services as they apply to team and organizational goals.
• Act as an advocate for Information Security objectives while identifying creative solutions to ensure progress is being made.
• Drive remediation activities by understanding the impact of findings and develop strong communication channels with key stakeholders.
• Develop weekly in-depth metrics to identify programmatic progress and "wins."

Engineering, Collaboration & Partnerships

• Evaluate and recommend new products, methodologies, processes, and solutions to support an enterprise application security program.
• Maintain knowledge of current trends, recent publications, and emerging technologies as they pertain to risk, vulnerability management, and application security.
• Ability to identify, prioritize, communicate, and mitigate security risks for on-premises and hybrid/multi-cloud environments.
• Produce frequent detailed metrics to measure the efficacy and effectiveness of the vulnerability program.
• Identify business critical systems and environments including mapping data types in enterprise assets, databases, cloud environments, and applications.
• Work with outside vendors and consultants to identify tools to meet or exceed department needs.
• Define, document, and implement creative solutions to "find a better way."
• Demonstrate good judgment in identifying and solving problems that aligns with team and corporate goals.
• Enforce compliance with company policies and standards.
• Contribute to the vulnerability management program by driving remediation activities pertaining to application (DAST) scans, security assessments, vulnerability scans, or risk management activities and tools.
• Configure and tune security tools to identify weaknesses in systems, applications, databases, and cloud environments.
• Document and integrate security best practices within the CI/CD pipeline.
• Educate developers on best practices for including security controls within their development process.
• Ensure the SDLC is documented and security weigh-ins are included and implemented.
• Actively document Sinclair applications, applications owners, and align DAST tools to conduct dynamic scanning capabilities.
• Track and create remediation plans including Policy Exceptions and effectively communicate and coordinate efforts amongst system and asset owners.

Performance Improvement

• Help the security team to maintain a level of excellence.
• Develop and evaluate complex performance metrics to establish process success.
• Design, document, and implement procedures and techniques that are consistent with best practices for analyzing and evaluating the risk (software & business), accuracy, completeness, internal integrity/consistency, testability, and overall quality of the systems and processes.
• Research emerging technologies and identify opportunities for adoption within vulnerability management and application security.
• Track and document progress for vulnerability management related processes, and constantly look for ways to make things work better, faster, and smoother.
• Collaborate on and adhere to security best practices, methodologies, and sustainable processes for both application security and vulnerability management.

Sinclair Broadcast Group, Inc. is proud to be an Equal Opportunity Employer and Drug Free Workplace!

About Us

Make your mark in Media with Sinclair Broadcast Group, a diversified media company dedicated to connecting people with content everywhere! We have consistently led the broadcast industry since our inception, and now Sinclair owns the largest regional sports network business and one of the largest television broadcast portfolios in the country. In addition, we have affiliations with all of the major broadcast networks, own Tennis Channel, and several multicast networks including TBD and Comet. Our content is distributed over-the-air, on multi-video providers, and through our industry-leading digital media platforms. We're at the forefront of NextGen technology, enabling innovative new ways to engage with broadcast content like never before. We also recently launched a free TV streaming service called STIRR. Our success is the direct result of our extraordinary employees and management team who believe in our vision and are dedicated to ensuring a great future for our employees. We are advancing the world of Media and want YOU to join our winning team!

About the Team

The life-blood of our organization is our people. We have a compelling story, a goal-oriented culture, and we take really good care of people. How good? Here is a glimpse: great benefits, open door policy, upward mobility and a strong desire to see you succeed. Ready to be part of a winning team? Let's talk.

The base salary compensation range for this role is $130,000 to $150,000. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location. Full time positions are eligible for benefits that include participation in a retirement plan, life and disability insurance, health, dental and vision plans, flexible spending accounts, 15 paid vacation days, 2 paid personal days, 9 paid holidays, 40 hours of paid sick leave, parental leave, and employee stock purchase plan.