We are currently seeking a Tech Security Engineer to join UMG’s global Tech Security & Identity organization. Reporting to the IT Security Manager, this role is a hands-on engineering position focused on improving the security posture of UMG’s applications, platforms, and cloud environments.
This engineer will play a critical role in embedding security into the software development lifecycle by performing application security assessments, supporting vulnerability management, and partnering with engineering teams to remediate risk. While this role spans multiple areas of security engineering, it has a strong emphasis on application and product security, including secure design, code review, and modern web security practices.
The ideal candidate brings a solid foundation in application security and software development, combined with experience in cloud environments and modern security tooling. This role requires both technical depth and the ability to collaborate effectively across engineering, infrastructure, and security teams.
Job Functions
Perform application security reviews including design reviews, threat modeling, and code analysis toidentifyand mitigate security risks.
Conduct static and dynamic security testing (SAST/DAST), manual testing, and vulnerability assessments across web applications and APIs.
Partner with engineering teams to remediate vulnerabilities and implement secure coding practices.
Support secure software development lifecycle (SDLC) practices and integrate security tooling into CI/CD pipelines.
Identify, track, and support remediation of vulnerabilities across applications and services in coordination with vulnerability management teams.
Evaluate and implement security tools and platforms (e.g., SAST, DAST, API security,secretsscanning).
Provide guidance on authentication, authorization, and secure integration patterns, including SSO and federation.
Support cloud security efforts across AWS, Azure, or GCP environments, including application-layer controls.
Assistwith security reviews of new applications, services, and third-party integrations.
Develop automation and tooling to improve security testing, vulnerability detection, and remediation workflows.
Maintain documentation, standards, and best practices related to application and software security.
Stay current with emerging threats, vulnerabilities, and industry best practices, and apply them to improve UMG’s security posture.
Advocate for secure development practices and contribute to building a strong security culture across engineering teams.
Job Requirements
Essential Qualifications
3–6 years of experience in Security Engineering, Application Security, or Software Engineering.
Strong understanding of application security concepts, including OWASP Top 10 and common web vulnerabilities.
Experience with web technologies, APIs, and modern application architectures.
Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP,Snyk, Checkmarx, Veracode, or similar).
Experience with authentication and federation protocols (e.g., SAML, OAuth 2.0, OpenID Connect).
Familiarity with at least one programming or scripting language (e.g., Python, JavaScript, Java, or similar).
Experience working in cloud environments (AWS, Azure, or GCP).
Strong analytical and problem-solving skills with the ability to assess and communicate risk.
Ability to work collaboratively with engineering teams to drive remediation and improve security outcomes.
Desirable Qualifications
Experience integrating security into CI/CD pipelines and DevOps workflows.
Familiarity with containerization and cloud-native technologies (Docker, Kubernetes).
Exposure to IAM concepts such as SSO, identity federation, and access control models.
Understanding ofsecurity frameworks and standards (e.g., OWASP ASVS, NIST, ISO 27001).
Relevant certifications such as Security+, CEH, CSSLP, or similar.
Experience in large-scale, global, or regulated enterprise environments.
Technology
Universal Music Group (UMG) is the world leader in music-based entertainment, with a broad array of businesses engaged in recorded music, music publishing, merchandising and audiovisual content in more than 60 countries. Featuring the most comprehensive catalog of recordings and songs across every musical genre, UMG identifies and develops artists and produces and distributes the most critically acclaimed and commercially successful music in the world. Committed to artistry, innovation and entrepreneurship, UMG fosters the development of services, platforms and business models in order to broaden artistic and commercial opportunities for our artists and create new experiences for fans.
Universal Music Group's labels include A&M Records, Astralwerks, Blue Note Records, Capitol Christian Music Group, Capitol Records, Capitol Records Nashville, Caroline, Decca, Def Jam Recordings, Deutsche Grammophon, Disa, Emarcy, EMI Records Nashville, Fonovisa, Geffen Records, Harvest, Interscope Records, Island Records, Machete Music, MCA Nashville, Mercury Nashville, Mercury Records, Motown Records, Polydor Records, Republic Records, Universal Music Latino, Verve Label Group, Virgin Records, Virgin EMI Records, as well as a multitude of record labels owned or distributed by its record company subsidiaries around the world. UMG's catalog is marketed through two distinct divisions, Universal Music Enterprises (in the U.S.) and Universal Strategic Marketing (outside the U.S.).
UMG also includes Universal Music Publishing Group, one of the industry's premier music publishing operations worldwide and Bravado, the leading provider of consumer, lifestyle and branding services to recording artists and entertainment brands around the world. Universal Music Group is a Vivendi company.
Find out more at: http://www.universalmusic.com.
View our current career opportunities at: http://www.umusiccareers.com
