Welcome to Warner Bros. Discovery… the stuff dreams are made of.
Who We Are…
When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…
From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.
As a Sr. Information Security Engineer, you will be an important member of the Warner Bros. Discovery Global Information and Content Security (GICS) team. This is a key role that will focus on ensuring the adoption, deployment, fine-tuning, and development of tools, services, and processes that enable security controls in the SDLC (Software Development Life Cycle). This role will work closely with Development and DevOps teams to define security processes and integrations that support existing workflows and pipelines. This role will work across all aspects of the Application Security team (Engineering, Operations, Testing, and Vulnerability Management) to ensure an efficient and effective Application Security Pipeline
Job Responsibilities
Operational
Act as a security-focused engineering leader that is passionate about learning, mentoring, teaching, and problem solving
Work collaboratively and proactively across the organization with product teams on Application Security initiatives
Be creative and solve problems with scalable solutions
Identify and define application security requirements and author security policies
Maintain knowledge of current and emerging secure application technologies, products, and trends
Actively and continuously share role-specific knowledge with team members and product teams
Participate in Agile SCRUM ceremonies, requirements gathering, priority and risk identification, proposing solutions, estimating timeframes, and driving tasks to completion
Technical
Build, maintain, deploy, and operate security tools and configuration at-scale for the Application Security program
Collaborate with product teams to ensure secure coding best practices are followed
Identify and support the development of new security tools that enable the team to increase coverage, scale, and monitoring
Review and contribute to application designs and solutions
Collaborate with engineers to maintain and continually improve existing security tools
Qualifications & Experiences:
5+ years of proven and extensive Software Engineering experience developing and maintaining scalable, Cloud-native software solutions
Proven and extensive experience with container technologies, AWS, and infrastructure-as-code (IaC) such as Terraform, Cloud Formation, etc.
Proven and extensive experience building tools and automation to support an Application Security team
Proven and extensive experience in secure software development principles in various languages and frameworks (Python, JavaScript, TypeScript, Java, Go, etc.)
A strong desire to help engineering teams build consumer applications securely
Strong understanding of software development methodologies and secure coding practices
Strong understanding of the SDLC and CI/CD pipelines
Strong understanding of application security standards and practices, such as the OWASP Top 10
Knowledge of practical threat modeling for consumer applications
Demonstrated ability to explain risks and vulnerabilities to both technical and non-technical audiences
Hands-on experience working with DevOps and Agile-driven product teams
Excellent written and verbal communication skills
Ability to work effectively in a team or individually and receptive to feedback
Preferred Qualifications
Exposure to popular application and API security standards including OWASP ASVS, OWASP Top 10, and OWASP Mobile Top 10.
Experience with GitHub Security features
Knowledge of cloud security principles
Bachelor's degree in IT, Computer Science, or Information Security preferred
ISC2 CSSLP, GIAC (GWEB, GCSA), or other Security Certifications
How We Get Things Done…
This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.
Championing Inclusion at WBD
If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.