Senior Security and Identity Escalation Engineer

Job Summary

We are UMG, the Universal Music Group. We are the world's leading music company. In everything we do, we are committed to artistry, innovation and entrepreneurship. We own and operate a broad array of businesses engaged in recorded music, music publishing, merchandising, and audiovisual content in more than 60 countries. We identify and develop recording artists and songwriters, and we produce, distribute and promote the most critically acclaimed and commercially successful music to delight and entertain fans around the world.

As the Sr Security & Identity Escalation Engineer, you will be the ultimate escalation point and subject matter expert for all identity and security-related issues within our Global Technical Operations. This is a senior technical role that requires a strategic mindset, deep-seated expertise in identity and access management (IAM), and the ability to lead complex troubleshooting efforts in a global enterprise environment. You will not only resolve the most challenging technical issues but also drive the operational strategy for threat mitigation, security within Tech Ops, and operational excellence.

Job Functions

• Act as the Final Escalation Point for Identity & Security Incidents: Own and resolve the most complex and critical security and identity incidents, which other teams have been unable to solve. Provide leadership during high-severity events, coordinating cross-functional teams to ensure rapid and effective resolution.

• Develop Escalation Frameworks: Design, implement, and refine the escalation management process for the entire Global Technical Operations Center, ensuring that incidents are triaged, documented, and resolved efficiently.

• Strategic Troubleshooting & Root Cause Analysis: Move beyond simple fixes to conduct deep-dive root cause analysis (RCA) for recurring, complex problems. Develop long-term solutions, including automation and architectural changes, to prevent future incidents.

• Mentor & Uplevel the Team: Serve as a technical leader and mentor to junior engineers. Develop and lead training sessions on advanced security concepts, threat landscapes, and internal best practices to elevate the entire team's capabilities. Foster a culture of continuous learning and operational excellence within the team. Maintain and enhance knowledge of key technologies.

• Architectural Collaboration: Partner with security and identity architects to influence and enforce standards. Ensure that new and existing systems are built on the principles of Zero Trust and Defense in Depth.

• Automation & Optimization: Identify opportunities for network automation, scripting, and tool development to streamline operational tasks and improve efficiency.

• Capacity Planning & Performance Monitoring: Monitor, analyze, and report on capacity and utilization. Develop strategies for growth, capacity planning, and performance improvement.

• Documentation & Standards: Create and maintain comprehensive documentation for configurations, standard operating procedures (SOPs), and incident response protocols.

• Communication & Stakeholder Management: Communicate effectively with technical and non-technical stakeholders, including senior management, regarding incident status, resolution plans, and identity or security issues. Build partnerships and trust with other information technology areas, vendor technical staff, and customers in the business units.

• Make UMG the place to be: Mentoring and genuinely leading the team in a way that attracts and retains the best talent. UMG is a place where everyone can bring themselves fully to work and thrive, as a Leader you are a key part of this.

• Work out of standard business hours will occasionally be required

Job Requirements

Essential:

• Expert-Level Identity Management:
• Demonstrated mastery of enterprise identity platforms and protocols, including Azure Active Directory, Ping, Okta, Active Roles, Cayosoft, and Microsoft Identity Manager.
• Deep experience with modern authentication and authorization frameworks such as SAML, OAuth, OIDC, and SCIM.
• Proven ability in managing Privileged Access Management (PAM) solutions like CyberArk and multi-factor authentication (MFA) technologies like Duo and YubiKey.
• Advanced Security Operations:
• Experience in designing and implementing security architectures that align with organizational goals, incorporating principles such as Defense in Depth and Zero Trust Architecture.
• Proficiency in analyzing security data and identifying threats using tools like Splunk.
• A strong understanding of cloud security principles, particularly within Azure and O365 environments.
• Leadership & Seniority:
• A minimum of 10+ years of progressive experience in cybersecurity, with at least 5 years focused specifically on identity and access management.
• Demonstrated ability to lead high-stakes projects, manage competing priorities, and communicate complex technical issues to both technical and non-technical stakeholders.
• A strategic mindset with experience in developing technical roadmaps and recommending emerging technologies.
• Communication: Ability to communicate complex problems in a non-technical and simplified manner to stakeholders and end-users and to effectively communicate business needs to technology teams
• Industry certifications such as CISSP, CISM, or advanced vendor-specific certifications are highly desirable.
• Self-motivated with high degree of initiative and excellent follow-up skills, along with strong analytical and problem-solving skills

Desirable:

• Bachelor's Degree in Computer Science or Engineering or closely related field or comparable education and experience.
• AI implementation and utilization
• ITIL Foundation Certification strongly desired
• International experience is beneficial. Additional languages a plus.

Universal Music Group is an Equal Opportunity Employer.

Diversity & Inclusion

At Universal Music we are committed to fostering diversity and inclusivity as an equal opportunity employer. We encourage applicants from all backgrounds to apply for our roles regardless of their gender, race, ethnicity, nationality, age, sexual orientation, gender identity, intersex status, marital or family status, neurodiversity, religion or belief, disabilities, or socio-economic background. We also encourage people from all cultural backgrounds to apply, including First Nations people. It is through our diversity and inclusivity that we bring together different perspectives, enhancing our creative and evolving workplace. Music is Universal.

Disclaimer

The company presents this job description as a guide to the major areas and duties for which the jobholder is accountable. However, the business operates in an environment that demands change and the jobholder's specific responsibilities and activities will vary and develop. Therefore, the job description should be seen as indicative and not as a permanent, definitive and exhaustive statement.

Job Category:

Technology