Associate Security Tools Engineer

Job Description

Open to remote locations across the US.

The Job

In an effort to become even more risk and data-driven, the WarnerMedia Security Insights team is looking to expand use of key performance indicators and key risk indicators for use with security leaders, senior leaders at WarnerMedia, and with the board of directors. These metrics will be used to measure and monitor trends in cyber risk, and present insights, recommendations and opportunities to reduce cyber risk across the company. This role will be responsible for data wrangling, analysis, and application of machine learning and artificial intelligence to security data sets.

Specific responsibilities will include:
• Maturing existing risk-based metrics, including the key risk indicators
• Continuing to expand the key risk indicator dashboard to produce business unit views (HBO Max, CNN, etc) for use by the Business Information Security Officers
• Further automating key risk indicator dashboard to allow for more time spent on insights (versus data wrangling)
• Evaluating quality of data sets, identifying efforts that can be made to improve quality, and executing on those efforts
• Identifying opportunities to collect additional and better security data, and executing on those efforts
• Developing innovative and interactive security data visualizations that can be understand be leadership and non-security audiences
• Identifying opportunities to leverage machine learning or artificial intelligence on the massive data sets we have at our disposal
• Identifying opportunities to quantify risk in terms of dollar ranges
• Developing additional expertise in WarnerMedia security data and tools

The Daily
• Wrangling data to produce key risk indicators by business unit so that WarnerMedia can have organizational views of cyber risk and better identify opportunities to reduce risk
• Automating data pulls using tools such as Jupyter Labs, Python, R, SQL, and others in order for the team to spend more time on insights
• Evaluating quality of data sets, identifying efforts that can be made to improve quality, and executing on those efforts to improve our accuracy and precision around cyber risk
• Produce various data visualizations through the use of Tableau or Power BI to tell the story of security to leadership and non-security audiences.
• Identifying opportunities to leverage machine learning or artificial intelligence data sets to make better recommendations on how risk can be reduced or to predict areas where risk may increase

The Essentials
• Bachelor's degree from an accredited college or university or equivalent related experience
• Experience with analytics - descriptive, predictive, and prescriptive
• Experience with Python, Jupyter Labs, Powershell, SQL, Tableau, or PowerBI
• Experience with Splunk, ServiceNow or Vulnerability Management Tools
• Experience with a risk-based data centric approach using risk frameworks such as NIST-CSF
• Critical thinking skills with an inquisitive and questioning nature Ability to think big picture; a ''systems thinker''
• Build and nurture relationships, gain consensus for ideas and plans, and have excellent communication skills to present solutions that will facilitate data-driven solutions
• Ability to work successfully in a cross matrixed IT and business team environment.
• Ability to formulate detailed technical documentation, remediation requirements.
• Self-motivated, with experience operating with remote, global teams
• Strong interpersonal and influencing skills of people at different levels and with different backgrounds and experiences
• Good understanding of secure software development best practices, network and other technical security controls
• Strong collaboration and experience working in matrixed environments

Jobcode: Reference SBJ-gwe75p-3-17-79-60-42 in your application.