Key Responsibilities
• Perform penetration testing and vulnerability assessments of linear channels, OTT applications, and other digital content distribution systems.
• Identify and exploit vulnerabilities in DRM systems, encryption mechanisms, and other content protection technologies.
• Reverse-engineer and analyse software, firmware, and hardware components related to content security and digital distribution.
• Develop and implement custom tools and scripts to automate security
• Collaborate with engineering teams to resolve identified vulnerabilities and implement security improvements.
• Research and stay up-to-date on the latest trends, techniques, and best practices in content security, anti-piracy, and DRM.
• Create and maintain detailed documentation on penetration testing methodologies, findings, and remediation recommendations.
• Deliver comprehensive technical vulnerability reports that clearly outline both technical and business risks, include steps for exploit replication and remediation steps
• Work closely with application development teams and follow threat modelling sessions to understand the demands for security assessment
• Investigate security incidents using industry leading security tools
You'll be set up for success if you have:
• Master’s degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
• Minimum 5 years of experience in cybersecurity, with a focus on content security and anti-piracy.
• Proven experience in penetration testing and vulnerability assessment of linear channels and OTT applications.
• In-depth knowledge of DRM systems, such as Widevine, FairPlay, and PlayReady.
• Strong reverse engineering and coding skills, with proficiency in languages such as C, C++, Python, or Java.
• Familiarity with network protocols, encryption algorithms, and content delivery architectures.
• Experience using security testing tools, such as Burp Suite, Wireshark, or Metasploit.
• Strong analytical, problem-solving, and communication skills.
• Ability to work independently and in a team environment.
• Good knowledge of how modern applications are designed, developed and deployed across different platforms
• Solid understanding of pentesting methodologies (e.g. OWASP, OSSTMM, PTES)
• Strong knowledge of foundational IT concepts
• Experience in security monitoring and threat hunting
• Good understanding of different operating systems - Windows/Linux/ MacOS
• Able to communicate complex information clearly and logically, both verbally and in writing.
• A passion for security
Even better if you have:
• Industry certifications such as OSCP, OSCE, or CREST CCT are highly desirable.
• CREST or TIGER certification
• Experience in conducting red team exercises
• Experience working in a Media/Broadcasting environment
• Experience with scripting/query languages and automation
• Sound understanding of Secure Engineering Principles and Standards (ISO27001/PCI/NIST)
• Knowledge of JIRA, Confluence, ServiceNow and Microsoft/AWS Security tools
• Bring relevant experience and certifications - but none specified.
--
You must verify your mobile number to apply to this job.