Content Security Engineer, GME Security

About The Position

Requirements

• 3+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
• 3+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
• Experience applying threat modeling or other risk identification techniques or equivalent
• Knowledge of industry-based security vulnerabilities and remediation techniques
• Knowledge of usage or integration experience with common cloud-hosted services

Nice To Haves

• Knowledge of networking protocols such as HTTP(S), DNS, and TCP/IP
• Experience with AWS products and services
• Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing
• CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+

Responsibilities

• Serve as the primary content security advisor to film and series production teams, providing tailored guidance on secure workflow design: editorial environment setup, Aspera file transfer configurations, cloud storage architecture, on-set networking, and remote collaboration tools
• Assess internal and external content processing architectures (large enterprise to boutique post houses) to securely deploy and maintain content networks and equipment
• Manage security assessments of 3rd party services and tools supporting Amazon Studios, including intake of production team requests and end-to-end vendor security coordination
• Research, evaluate, and pilot next-generation content security measures such as forensic watermarking, audio/video fingerprinting, and content tracking technologies
• Contribute to the team's strategy for securing pre-release content against generative AI threats, including AI-driven extraction, reconstruction, deepfake misuse, and model training on unreleased assets; translate emerging risks into actionable controls and standards
• Maintain and enhance AWS infrastructure and applications supporting Content Security operations, and build internal security tooling to automate workflows such as access governance, audit reporting, and compliance monitoring
• Write and maintain lightweight automation (Python/scripting) to support security tooling, audit workflows, and operational reporting
• Develop and iterate security standard operating procedures tailored to each studio and production team
• Mentor junior team members and contribute to the team's hiring process
• Provide regular written updates on program status, risk posture, and incident findings

Benefits

• health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
• 401(k) matching
• paid time off
• parental leave
• sign-on payments
• restricted stock units (RSUs)