Analyst, Application Security Vulnerability

Job Description

The Role

As an Application Security Vulnerability Analyst, you will be an important member of the Warner Bros. Discovery Global Information and Content Security (GICS) team. This is a key role that will be focused on application security vulnerability management for our streaming media services and other supporting applications. The successful candidate will be responsible for managing application security vulnerabilities from a variety of sources while providing recommendations for remediation working with developers and engineers. This position requires strong application technical skills, as well as the ability to communicate effectively with stakeholders and collaborate with cross-functional teams.

If you:
• are passionate about building application security solutions
• want to work in an international, face-paced company
• want to learn how to secure consumer-facing applications
• would like to be a part of an experienced team of practitioners open to sharing their knowledge
• want to have a visible impact on the security of a large suite of products

Join us!

Key Areas of Responsibility
• Work collaboratively and proactively across the organization on improving application vulnerability process and automation
• Be creative and solve application security problems.
• Conduct in-depth assessments of application security vulnerabilities and risks
• Leverage various security tools and techniques to identify and prioritize vulnerabilities in applications
• Stay up-to-date with the latest application security threats, vulnerabilities, and exploits
• Participate in incident response and investigations related to application security incidents
• Create and mature light automation between tools, defect, and ticket management systems
• Develop and implement remediation plans for identified vulnerabilities
• Drive remediation efforts against vulnerability management SLA timelines across stakeholders

Required Qualifications:
• Proven experience in application security vulnerability management, vulnerability management platforms and reporting
• Proven experience with application security testing tools such as Burp Suite or OWASP ZAP, DAST.
• Strong knowledge of application security vulnerabilities, testing methodologies, and industry best practices
• Working knowledge of ticket management in JIRA and ability to create robust queries in defect management systems
• Knowledge of web application development frameworks for web and mobile applications
• Experience creating simple automation using Python, groovy and/or other scripting languages
• Experience with integrating application security tools with vulnerability management platforms
• Ability to communicate effectively with technical and non-technical stakeholders about application vulnerabilities and risk.

Preferred Qualifications:
• Knowledge of API security architecture and technologies
• Experience with secure coding practices and security testing of mobile applications
• Bachelor's degree in IT, Computer Science, or Information Security preferred.
• Security certifications such as OSCP, GMOB, GPEN, or GXPN

Jobcode: Reference SBJ-d8pk39-3-147-42-168-42 in your application.