Sr. Security Operations Analyst

Job Description

Your New Role:

As the Warner Bros. Discovery (WBD) portfolio continues to grow – around the world and across platforms – the Global Technology and Operations (GT&O) team is building media technology and IT systems that meet the world class standards for which WBD is known for. GT&O builds, implements, and maintains the business systems and technology that are critical for delivering WBD's products, while articulating the long-term technology strategy that will enable WBD's growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.

Within our Global Content & Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for this critical function. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Global Information and Content Security (GICS) Team at WBD is a growing group of cyber security professionals, using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast and media content we produce across the globe on CNN, Discovery Channel, Animal Planet, Discovery ID, HBO, TLC, TBS, EuroSport, TVN, WB and more.  From US to Singapore, Poland, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.

The Role

The Senior Security Operations Analyst – CSOC is a Senior level non-management role that reports directly to the CSOC Manager. They will be responsible for guiding a hybrid team of security analysts tasked to detect, triage, analyze, respond, and report cybersecurity incidents in addition to performing advanced analysis and assisting with incident response. A successful candidate will be able to use experience, knowledge, and critical thinking to perform CSOC duties that deviate from daily norms with minimal guidance and mentor more junior analysts on the solution. As a Senior Analyst, this individual must be highly organized, detail oriented, and able to manage multiple investigations, projects, and deliverables at once.

Your Role Accountabilities:

Key Areas of Responsibility

Security Operations
• In-depth security event analysis
• Facilitate and oversee the execution of day-to-day directions given by CSOC Manager
• Enhancing detection and alert maturity
• Enhancing technical and administrative processes and procedures.
• Providing blue team subject matter expertise to advise CSOC Leadership and mentor Analysts.
• Document and communicate findings and after-action reports to the entire security team.
• Review investigations and perform QA/QC.
• Drive alert logic refinement through tuning and whitelisting.
• Train and Mentor Associate and Mid-level Analysts
• Preforming Tier 3 On Call rotations to include Weekends or Nights
• Additional tasks and duties as directed by CSOC Manager

Support IR investigations
• Incident coordination by assignment of Work Streams and creation of reports
• Serve as the technical escalation point for the CSOC team.
• Provide ad-hoc training to team members.

Project Work
• Perform CSOC maturity projects under the guidance of Cyber Operations Leadership
• Partner with Security Engineering teams to enhance features and capabilities within current security tooling.
• Create and update written policies and procedures.

Qualifications & Experiences:
• 5-7 years of relevant experience or equivalent demonstrable knowledge & skill set.
• Ability to think critically to solve problems with minimal guidance.
• Ability to perform comprehensive Incident, root cause analysis and write technical reports.
• The ability to conduct investigations on multiple operating systems such as Linux, iOS, and Windows.
• Experience performing manual log analysis from a variety of host-based and network-based sources.
• The ability to conduct security investigations without the assistance of pre-extracted data or pre-established queries across multiple platforms like a SIEM, OS CLI/Terminal, EDR tool, etc.
• Familiarity with Digitial Forensics and Incident Response (DFIR) concepts
• Experience participating in CIRT/CSIRT investigations.
• Knowledge of exploits, vulnerabilities, malware families and common attack vectors
• Experience with firewalls, intrusion detection/prevention systems
• Effective in collaborating with teams in remote offices and multiple cultures across the globe​.

Not Required but preferred experience:
• Intermediate or higher Security Certifications are a plus - CYSA+, CISSP, CFR, CHFI, GCIH, GCFA, or GNFA, PenTest+, OSCP, etc.

If you're a qualified candidate and you require adjustments or accommodations to search for a job opening or apply for a position, please contact us at recruitadmin@wbd.com.

Jobcode: Reference SBJ-gwwjek-3-144-227-72-42 in your application.