Sr. Cybersecurity Engineer

ABOUT THE ROLE

The Sr. Cybersecurity Engineer is responsible for supporting the secure management and governance of enterprise applications for Universal Destinations & Experiences (UDX). This position has a core focus on user access support, infrastructure management and governance, and consultation on technical security solutions. This role ensures users and systems operate securely, in compliance with appropriate regulatory standards (PCI, GDPR, etc.) & NBCU Cybersecurity policies. The engineer strong technical practitioner who understands how security controls operate in real-world enterprise environments and can partner effectively with IT, infrastructure, and application teams to deliver secure, scalable solutions.

RESPONSIBILITIES

· Act as a trusted security advisor to IT, infrastructure, and application teams by reviewing technical solutions, advising on security architecture and design, and translating security requirements into practical, scalable implementations.

· Serve as a security subject matter expert for server and infrastructure environments by supporting secure configurations, vulnerability remediation, patching coordination, and secure network design in partnership with infrastructure teams.

· Provide hands-on user access and identity support through Active Directory and Group Policy administration, support of privileged access management and vaulting solutions, and coordination with NBCUniversal stakeholders and process owners to ensure secure, compliant access across enterprise systems.

· Augment governance processes by supplying system support and evidence to facilitate user access reviews, entitlement validation, and audit efforts.

· Drive audit readiness, strengthen governance frameworks, and produce actionable reports that highlight application security risks and compliance gaps.

· Understand and actively participate in Environmental, Health & Safety responsibilities by following established USJ policy, procedures, training, and team member involvement activities.

· Perform other duties as assigned.

EXPERIENCE

· 7–10+ years of experience in security engineering, infrastructure security, systems administration, or a closely related technical role, with demonstrated progression into senior-level responsibility.

· 5+ years of hands-on expertise with Active Directory, including user and group administration, Group Policy management, delegation models, and securing privileged access.

· Experience supporting privileged access management (PAM) and credential vaulting solutions (Netwrix, Cyberark, etc.), including onboarding systems, access workflows, and operational support.

· Hands-on experience securing Windows and/or Linux server environments, including system hardening, patching workflows, and coordinating remediation of infrastructure vulnerabilities.

· Experience supporting governance and audit activities by producing system evidence, access-related data, and technical documentation for access reviews, entitlement validation, and audit requests.

PREFERRED QUALIFICATIONS, SKILLS & ABILITIES

· Strong reading and writing in English with at least conversational English

· Security certifications such as CISSP, CISM, GIAC, or equivalent, or equivalent hands-on experience.

· Ability to translate security requirements into practical technical solutions, balancing risk reduction with operational realities.

· Familiarity with security frameworks or standards such as PCI, NIST, ISO 27001, CIS Controls, and/or SOX-related IT controls.

· Working knowledge of networking fundamentals, including TCP/IP, DNS, firewalls, segmentation, and secure connectivity concepts.

Scripting & Automation skills (Powershell) in support of reporting, audit evidence, and operational needs.

EDUCATION

Bachelor’s degree or equivalent work experience required in Cybersecurity, Information Systems, or a related technical field

WORK LOCATION

Osaka  

LANGUAGE

Proficient in Japanese and English