Lead Application Security Engineer at Cast & Crew

Burbank, California, United States

Apply Now

Not SpecifiedCompensation

Senior (5 to 8 years), Expert & Leadership (9+ years)Experience Level

Full TimeJob Type

UnknownVisa

Entertainment, TechnologyIndustries

Requirements

6+ years in application security with a strong track record of impact
Expert-level knowledge of web application security vulnerabilities (OWASP Top 10, injection attacks, authentication flaws, authorization issues, cryptographic failures, etc.)
Strong programming skills in 2+ languages such as Python, Java, JavaScript, C#

Responsibilities

Own the application security vision and roadmap for the engineering organization
Design secure architecture for new products, services, and critical features
Conduct threat modeling sessions for high-risk systems and data flows
Define security standards, policies, and best practices for development teams
Serve as the security subject matter expert for engineering leadership
Drive security initiatives from concept through implementation
Lead post-incident security reviews and implement preventive measures
Perform in-depth security code reviews of critical and high-risk code changes
Identify, assess, and prioritize vulnerabilities across our application portfolio
Partner with development teams to remediate security findings effectively
Research and evaluate emerging threats, attack vectors, and security vulnerabilities
Provide security consultation and architectural guidance to product teams
Conduct security assessments of third-party integrations and dependencies
Stay ahead of industry trends and evolving attack techniques
Design and implement security automation throughout the CI/CD pipeline
Integrate, configure, and manage security scanning tools (SAST, DAST, SCA, secrets detection)
Build custom security tools and frameworks to scale security across teams
Automate security testing, vulnerability management, and compliance checking
Implement and manage secrets management solutions (Vault, cloud secret managers)
Secure containerized applications and Kubernetes deployments
Scan and enforce security policies for Infrastructure as Code (Terraform, CloudFormation)
Create security dashboards, metrics, and executive reporting
Continuously optimize security tooling for accuracy and developer experience
Mentor developers on secure coding practices and security principles
Build and lead a security champions program across engineering
Create security training materials and conduct workshops
Provide actionable security feedback that doesn't block velocity
Collaborate with DevOps and Platform teams on security improvements
Make security tooling intuitive and integrated into developer workflows

Skills

Application Security

DevSecOps

Threat Modeling

Security Architecture

Security Code Reviews

DevOps Automation

Security Pipelines

Cast & Crew

Digital solutions for entertainment production management

About Cast & Crew

Cast & Crew provides a range of digital solutions tailored for the entertainment industry, focusing on production management for film, television, and live events. Their tools help streamline administrative tasks such as payroll, human resources, and production management, making it easier for production companies, studios, and independent filmmakers to operate efficiently. The company's offerings include payroll management tools, purchase order management, screenwriting software, and digital onboarding solutions, all designed to simplify complex processes. Unlike many competitors, Cast & Crew emphasizes a comprehensive suite of services that integrate various aspects of production management, ensuring accurate and timely payments, efficient document handling, and insightful data reporting. The goal of Cast & Crew is to enhance the operational efficiency of entertainment productions while supporting the industry, including initiatives for the Canadian entertainment sector.

Burbank, CaliforniaHeadquarters

1976Year Founded

ACQUISITIONCompany Stage

Data & Analytics, Enterprise Software, EntertainmentIndustries

1,001-5,000Employees

Benefits

PTO

Family-leave time off

401(K)

Hybrid & remote work flexibility

Health, dental, & vision insurance

Employee referral program

Tuition reimbursement

Health and wellness programs

Risks

Shift towards blockchain solutions may disrupt traditional services like Cast & Crew.

WGA strike in 2023 causes production delays, impacting Cast & Crew's revenue.

AI-driven scriptwriting tools threaten traditional software like Final Draft.

Differentiation

Cast & Crew offers 24/7 online support and electronic payroll interfacing.

PSL3 software integrates internet convenience into production accounting.

Cast & Crew's staff expertise is a hallmark of their service quality.

Upsides

Increased demand for remote production tools boosts Cast & Crew's digital solutions.

Expansion of tax incentive programs enhances demand for tax credit management services.

Rise of independent creators increases need for scalable production management solutions.

Land your dream remote job 3x faster with AI

Try Jobo Free