company_logo

Full Time Job

Director, Cloud Security Engineering

Warner Bros. Discovery

Atlanta, GA 6 days ago
Apply @ Employer
  • Paid
  • Full Time
  • Executive (10+ years) Experience
Job Description
Welcome to Warner Bros. Discovery… the stuff dreams are made of.

Who We Are…

When we say, ''the stuff dreams are made of,'' we're not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD's vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what's next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

Your New Role...
The Director of Cloud Security Engineering will lead the evolution of a best-in-class cloud security operations program at Warner Bros. Discovery (WBD). Leveraging your significant experience in information security, cloud architecture and engineering, vulnerability management, and DevSecOps practices, you will be expected to broaden and sharpen our capability to manage the incoming security engineering needs while rapidly surfacing, driving down, and reporting on vulnerabilities across our AWS, GCP, and Azure environments.

Your Role Accountabilities...
• Lead and mentor teams of cloud security professionals providing technical guidance and support to ensure their success in WBD's InfoSec department.
• Act as a highly technical cloud security and pipeline automation subject matter expert.
• Lead, expand, and modernize WBD's Cloud Vulnerability Management program.
• Research, innovate, and design cloud first security solutions.
• Identify opportunities to reduce cloud security risk for WBD and lead the team in implementation of those solutions.
• Collaborate with senior management and department leaders to assess near- and long-term cloud security needs and report on progress of vulnerability remediation.
• Lead partnerships with external DevOps and SRE teams to consult on secure cloud development practices and develop artifacts to help them integrate cloud security automation into their pipelines.
• Create, maintain, and present documentation as it relates to cloud security operation's designs/configurations, processes, standards, and recommendations.
• Provide guidance for security remediation to business and IT partners by demonstrating real, practical risk and value.
• Maintain an awareness of cloud-costs and the cost implications of the security controls implemented.
• Interface with Public Cloud providers to improve the security feature set of their products.
• Interface with cloud security vendors to evaluate features and determine proof-of-value.
• Staying current with the latest cloud threat mitigation tools and techniques.

Qualifications & Experience...
• Ability to work a hybrid model (3 days onsite) out of our Atlanta, DC, or Silver Spring office
• Bachelor's or master's degree in computer science, Information Security, or related field. required.
• 10+ years of experience in the Information Security space.
• 4+ years of experience directly leading technical teams in an Agile environment.
• 2+ years of experience in threat assessment and reporting security posture to leadership.
• Strong understanding of cloud-based infrastructure components with specific understanding of security risks presented in decentralized and hybrid environments.
• Comfortable automating processes start to finish and can work closely with internal architecture and external product teams.
• Demonstrated knowledge of OWASP and SANS testing methodologies
• Superior analytical and problem-solving skills.
• Excellent written and verbal communication skills; strong attention to detail.
• Strong executive reporting and narrative based presentation skills.
• Hands-on experience with some of the following:
• Docker and Kubernetes
• Developing & securing Serverless applications
• Security administration in AWS/GCP/Azure
• CI/CD and DevOps Tooling (Git, Jenkins, CircleCI)
• Infrastructure as Code tools (CloudFormation, Terraform)
• Command Line experience (Bash, Powershell, AWS-CLI)
• Cloud native security related tools (AWS Guard Duty, AWS WAF, GCP Security Center)
• Cloud Network (VPC) engineering
• Remains productive while rapidly switching context.
• Thirst for knowledge and constantly driven to stay current with evolving threat landscapes.

The Nice to Haves
• Certifications in related areas (e.g. SANS GPEN/GWAPT/GXPN, OSCP, CEH) are a plus
• AWS Certifications – AWS Solutions Architect (Associate), AWS Security Specialty
• GCP Certifications – Associate Cloud Engineer, Professional Security Engineer
• Security Engineer Certifications – CISSP, CompTIA Security+
• Proficient in at least one scripting language (Python, Nodejs, Golang)
• Core understanding of IP Networking, routing, VPNs.
• Some visualization tool knowledge (i.e. Tableau, Power BI)
• Familiarity with tools such as Wiz, Qualys, Splunk, AlertLogic, Burp, nmap, Metasploit, etc.

#LI-Hybrid

Championing Inclusion at WBD
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.

If you're a qualified candidate and you require adjustments or accommodations to search for a job opening or apply for a position, please contact us at recruitadmin@wbd.com.

Jobcode: Reference SBJ-d8jowq-100-28-227-63-42 in your application.