QA Automation Engineer
New York, NY
The principle will lead hunts for vulnerabilities that could lead to a data breach or IT disruption and collaborates with his/her peers in the Cyber Security Office, the company's business leaders the company's IT staff to improve the company's information security posture and reduce the likelihood of a disruptive cybersecurity event.
• Oversee the development cybersecurity attack plans to test the security of key applications, detection and response capabilities within the company.
• Critical understanding of the cyber attacker kills chain elements, with particular emphasis on attack objectives.
• Promote collaboration with our developers and vulnerability researchers to prioritize the attack tool planning and custom development.
• Understand and apply attack and penetration concepts including the attack surface; identification of system software and configuration vulnerabilities and critical information, data and processes that must be protected.
• Coordinate with other Red Team members to achieve the specified objectives.
• Develop the mission reports that the define success or failure of each attack.
• Work with business leaders and other ISO staff to prioritize vulnerability findings for remediation.
• Other duties as required.
• 5-7 years of attack and penetration testing experience
• 7-10 years of technology experience
• 3-5 years of management or leadership experience
• Expertise in all aspects of security disciplines: Information security, software development, vulnerability assessments, threat analysis, incident response, threat modeling, security intelligence and forensic investigations.
• Experience with Windows operating systems and security (boot process, subsystems, kernel- and user-level processes, networking, Active Directory, NTFS/NTFS security), Ubuntu, Kali Linux in addition to:
• Proficient with common attack tools (Immunity CANVAS, Burp, SET, Metasploit, Nmap, Nessus) and defensive tools (Snort Intrusion Detection System(IDS)/Intrusion Prevention System(IPS), tcpdump, Wireshark, Security Onion IDS Linux Distribution)
• Strong written and verbal communication skills
• Exclusive WarnerMedia events and advance screenings
• Paid time off every year to volunteer
• Access to well-being tools, resources, and freebies
• Access to in-house learning and development resources
• Part of the WarnerMedia family of powerhouse brands
WarnerMedia is a leading media and entertainment company that creates and distributes premium and popular content from a diverse array of talented storytellers and journalists to global audiences through its consumer brands including: HBO, HBO Now, HBO Max, Warner Bros., TNT, TBS, truTV, CNN, DC Entertainment, New Line, Cartoon Network, Adult Swim, Turner Classic Movies and others.