Sr. Information Security Engineer

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

Who We Are…

When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

As a Sr. Information Security Engineer, you will be an important member of the Warner Bros. Discovery Global Information and Content Security (GICS) team.  This is a key role that will focus on ensuring the adoption, deployment, fine-tuning, and development of tools, services, and processes that enable security controls in the SDLC (Software Development Life Cycle). This role will work closely with Development and DevOps teams to define security processes and integrations that support existing workflows and pipelines. This role will work across all aspects of the Application Security team (Engineering, Operations, Testing, and Vulnerability Management) to ensure an efficient and effective Application Security Pipeline 

 

Job Responsibilities 

 

Operational    

• Act as a security-focused engineering leader that is passionate about learning, mentoring, teaching, and problem solving  

• Work collaboratively and proactively across the organization with product teams on Application Security initiatives  

• Be creative and solve problems with scalable solutions  

• Identify and define application security requirements and author security policies  

• Maintain knowledge of current and emerging secure application technologies, products, and trends  

• Actively and continuously share role-specific knowledge with team members and product teams  

• Participate in Agile SCRUM ceremonies, requirements gathering, priority and risk identification, proposing solutions, estimating timeframes, and driving tasks to completion  

  

Technical   

• Build, maintain, deploy, and operate security tools and configuration at-scale for the Application Security program   

• Collaborate with product teams to ensure secure coding best practices are followed   

• Identify and support the development of new security tools that enable the team to increase coverage, scale, and monitoring  

• Review and contribute to application designs and solutions  

• Collaborate with engineers to maintain and continually improve existing security tools  

 

Qualifications & Experiences: 

• 5+ years of proven and extensive Software Engineering experience developing and maintaining scalable, Cloud-native software solutions  

• Proven and extensive experience with container technologies, AWS, and infrastructure-as-code (IaC) such as Terraform, Cloud Formation, etc.  

• Proven and extensive experience building tools and automation to support an Application Security team  

• Proven and extensive experience in secure software development principles in various languages and frameworks (Python, JavaScript, TypeScript, Java, Go, etc.)  

• A strong desire to help engineering teams build consumer applications securely   

• Strong understanding of software development methodologies and secure coding practices  

• Strong understanding of the SDLC and CI/CD pipelines  

• Strong understanding of application security standards and practices, such as the OWASP Top 10  

• Knowledge of practical threat modeling for consumer applications  

• Demonstrated ability to explain risks and vulnerabilities to both technical and non-technical audiences  

• Hands-on experience working with DevOps and Agile-driven product teams  

• Excellent written and verbal communication skills  

• Ability to work effectively in a team or individually and receptive to feedback  

 

Preferred Qualifications  

• Exposure to popular application and API security standards including OWASP ASVS, OWASP Top 10, and OWASP Mobile Top 10. 

• Experience with GitHub Security features  

• Knowledge of cloud security principles  

• Bachelor's degree in IT, Computer Science, or Information Security preferred  

• ISC2 CSSLP, GIAC (GWEB, GCSA), or other Security Certifications 

How We Get Things Done…

This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

Championing Inclusion at WBD

Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.

If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.