Welcome to Warner Bros. Discovery… the stuff dreams are made of.
Who We Are…
When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…
From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.
Application Security Manager will be responsible for leading and establishing a team that will be testing and identifying potential security vulnerabilities in Applications both Web and Mobile, APIs and related technologies.
This individual will have prior experience in security preferably in application security or product security, along with some prior hands-on experience in developing APIs and testing APIs.
As Application Security Manager, you will be responsible for leading a team that will be testing and identifying potential vulnerabilities, get hands on with application security testing when needed and provide technical guidance/mentorship for the team, along with helping the respective product or engineering teams to remediate the vulnerabilities in a timely manner.
Job Responsibilities
Provide guidance and recommendations to other teams to improve the security of Applications, and APIs.
Demonstrate deep understanding of computer networks, operating systems, databases, web applications, and APIs.
Develop, implement and maintain Application security and API security strategy.
Develop API Security guidelines, help establish API security systems that discover, catalog and scan APIs.
Assist project team, key stakeholders, and management to prioritize business requirements and develop and maintain detailed project plans using standard tools.
Help determine resource roles needed and work with management to secure project team members.
Effectively assist in leading by influence and work in a matrix/cross functional (BU Champions).
Assist in establishing and coordinating the project plan for migration of the project into production.
Assist with developing and defining new and improved workflow and initiatives.
Help provide training and training materials for new processes.
Work with key stakeholders to define and document communication plan.
Assist management with special assignments, such as evaluating vendors, gathering/evaluating consultant proposals, or other responsibilities as requested.
Provide clear communication on the issue to developers and verify the efficacy of the ‘fix’.
Provide actionable remediation feedback for findings and/or long-term risk mitigation guidance.
Collaborate with key stakeholders to understand team needs and dependencies to better align business processes.
Assist in developing and executing a methodology to evaluate, prioritize and monitor the success of the business processes.
Accurately and clearly articulate strategic issues and provide relevant, logical options for solving them.
Work closely with cross-functional teams including software engineers, and DevOps engineers to integrate security into the software development lifecycle.
Help leadership in creating comprehensive and meaningful strategy and roadmap presentations.
Ability to build a framework and drive development through dynamic business intelligence tools and dashboards for use in ongoing business planning and goal measurement through KPIs.
Support and maintain tools/capabilities used for API security and Application security.
Develop and mentor other security engineers.
Must be based in the WBD’s office, minimum three days/week.
Qualifications & Experiences:
A bachelor’s degree in engineering, computer science, cybersecurity, or other related fields, from an accredited university or an equivalent professional experience may suffice in lieu of a bachelor’s degree.
7 or more years of experience with 3 or more years of management experience.
Experience building and evaluating system-level technical design.
Experience working directly with engineering teams
Experience with any combination of the following: API security or implementation, software development, mobile security, threat modeling experience, secure coding, identity management and authentication.
Experience with multiple programming languages is a definite plus (such as, Java, Python, Javascript, Go, etc.).
Prior hands-on experience in developing and publishing APIs.
Subject matter expertise in Application Security, and API Security.
Experience implementing and/or driving security solutions at the business level.
Experience managing stakeholders at the VP level and excellent written and verbal communication skills.
Experience with secure software development lifecycle, distributed systems and security protocols.
Experience in creating custom tools, and scripts to automate testing and make security testing process more efficient.
Preferred Qualifications
Exposure to popular application and API security standards including OWASP ASVS, OWASP Top 10, and OWASP API Security Top 10.
Strong understanding of API patterns and frameworks.
Experience with security tools and techniques, including secure coding practices, encryption, and access controls.
How We Get Things Done…
This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.
Championing Inclusion at WBD
If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.