United Talent Agency

Senior Product Security Engineer

United Talent Agency  •  $160k - $200k/yr  •  Beverly Hills, CA (Onsite)  •  3 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

UTA seeks a Senior Product Security Engineer to help embed security into the design, development, and operation of our products and platforms. In this role, you will work closely with engineering, product, and security teams to design and implement security controls across our applications and services, safeguarding our brand, our people, and our digital assets. If you are passionate about building secure products from the ground up and enjoy operating at the intersection of software development and cybersecurity, this role offers the opportunity to meaningfully shape UTA’s product security posture.

The salary range for this role is $160,000 to $200,000 commensurate with experience and skills.

What You Will Do

Product security strategy & architecture

  • Lead security design and architecture reviews for new and existing products, including web, mobile, and cloud-based custom applications, and provide clear, actionable recommendations

  • Partner with product and engineering leadership to define product security requirements, risk tolerances, and security roadmaps across multiple teams and initiatives

  • Conduct and facilitate threat modeling workshops to proactively identify emerging risks and attack vectors and drive mitigations into product design

  • Conduct security reviews for products and services deployed across AWS, Azure, and GCP including cloud-native architectures, and platform-specific security controls

Secure development lifecycle & testing

  • Own and mature the application and product security lifecycle, including threat modeling, secure design, secure coding practices, testing, and release validation

  • Assess and secure early-stage product design, architecture and workflows, associated with rapid prototyping and deployment

  • Drive the adoption of automated security checks in CI/CD pipelines (SAST, DAST, SCA, secrets scanning, etc.) and ensure they are tuned to balance risk reduction with developer velocity

  • Lead and coordinate application security testing efforts, including tool-based and manual reviews, and work closely with development teams to prioritize and remediate findings

  • Establish and evangelize secure coding standards, patterns, and reusable frameworks that can be leveraged across engineering teams

  • Lead API security assessments, including authentication/authorization validation for REST/GraphQL APIs and API gateway configuration reviews

Operations, monitoring & incident response

  • Collaborate with security operations to ensure product-related logs, alerts, and events are captured, correlated, and integrated into monitoring and incident response workflows

  • Own vulnerability triage and management for product and application findings, including those surfaced through penetration tests and attack surface monitoring, covering risk assessment, remediation planning, and validation of fixes

  • Ensure products handle sensitive data appropriately, including data classification, storage, transit, and retention practices aligned with organizational security requirements

Tooling, enablement & leadership

  • Evaluate, select, and help implement product security focused tools and services, influencing build vs buy decisions

  • Develop documentation, playbooks, and training to raise the overall level of security awareness and capability across product and engineering teams

  • Provide best practices on the secure use of AI-assisted development tools, including risks around dependency integrity, code suggestions, and agent-driven changes

What You Will Need

  • Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related field; or equivalent practical experience

  • 5+ years of experience in security engineering, application security, or product aligned security roles, with a track record of owning and driving security initiatives

  • Deep understanding of common web, mobile, and API vulnerabilities (e.g., OWASP Top 10) and practical experience preventing and remediating them at scale

  • Strong experience securing applications and services in at least one major cloud provider (AWS preferred), including cloud native architectures

  • Hands on experience with application security tooling (SAST, DAST, SCA, secret scanning, WAF, or similar) and integrating these into CI/CD workflows

  • Familiarity with secure deployment practices, including Infrastructure-as-Code review of Terraform, CI/CD pipeline security (GitHub Actions), and secrets management.

  • Familiarity with container security, including image hardening, Kubernetes RBAC, network policies, and runtime protection.

  • Familiarity with securing AI/ML platforms in cloud environments and agentic workflows, including access control, data protection, and governance across the application development and deployment lifecycle.

  • Solid experience collaborating with software engineering teams in agile environments, including participating in design reviews, code reviews, and sprint planning

  • Strong knowledge of identity, authentication, and authorization concepts and technologies (e.g., OAuth, OIDC, SSO, modern identity platforms)

  • Excellent communication and stakeholder management skills, with the ability to influence senior technical and nontechnical partners and drive consensus

What You Will Get

  • The unique and exciting opportunity to work at one of a leading global entertainment companies

  • Access to the tools, leadership, and resources you will need to create and drive a center of excellence

  • The opportunity to do the best work of your career

  • Work in an inclusive and diverse company culture

  • Competitive programs to support your well-being

  • Experience working in a collaborative environment with room to grow

About UTA


UTA is a premier global talent agency built for the future of media and entertainment. The agency's diversified platform and best-in-class, client-first approach is innovative, collaborative, and positioned to lead in an evolving market. UTA represents the most celebrated artists, creatives, and brands, from icons and legends to next-generation talent. Its integrated capabilities span film and television, music, comedy, creators, sports, brands, news, publishing, speakers, theater, and more. It is based in Los Angeles with offices in the U.S., London, and Munich.

For more information: https://www.unitedtalent.com/about/

UTA and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers.

https://www.unitedtalent.com/privacy-policy

United Talent Agency

About United Talent Agency

UTA unites ideas, opportunities and talent. The company represents some of the world’s most iconic, barrier-breaking artists, creators and changemakers—from actors, athletes and musicians to writers, gamers and digital influencers. One of the most influential companies in global entertainment, UTA’s business spans talent representation and content production, as well as strategic advisory and marketing work with some of the world’s biggest brands. UTA is headquartered in Los Angeles with offices in Atlanta, Chicago, Nashville, New York and London.

Industry
Arts & Entertainment
Company Size
1,001-5,000 employees
Headquarters
Beverly Hills, CA
Year Founded
1991
Social Media