We are currently seeking a Tech Security Engineer to join UMG’s global Tech Security & Identity organization. Reporting to the IT Security Manager, this role is a hands-on engineering position focused on improving the security posture of UMG’s applications, platforms, and cloud environments.
This engineer will play a critical role in embedding security into the software development lifecycle by performing application security assessments, supporting vulnerability management, and partnering with engineering teams to remediate risk. While this role spans multiple areas of security engineering, it has a strong emphasis on application and product security, including secure design, code review, and modern web security practices.
The ideal candidate brings a solid foundation in application security and software development, combined with experience in cloud environments and modern security tooling. This role requires both technical depth and the ability to collaborate effectively across engineering, infrastructure, and security teams.
Evaluate and implement security tools and platforms (e.g., SAST, DAST, API security, secrets scanning).
Provide guidance on authentication, authorization, and secure integration patterns, including SSO and federation.
Support cloud security efforts across AWS, Azure, or GCP environments, including application-layer controls.
Stay current with emerging threats, vulnerabilities, and industry best practices, and apply them to improve UMG’s security posture.
Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Snyk, Checkmarx, Veracode, or similar).
Familiarity with at least one programming or scripting language (e.g., Python, JavaScript, Java, or similar).
Technology
