As Discovery’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a group of cyber security professionals who use the latest tools and resources to protect our assets, from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.
The Cyber Security Engineer will play a key role in supporting Discovery's 24x7x365 Cyber Security Operations Center (CSOC). This is a technical security operations role with a core focus on continuous monitoring, incident response and threat intelligence activities, utilizing internal and external resources.
This role will require one to work across multiple global organizations and service providers in order to effectively monitor for suspicious activity as well as make recommendations to improve the security posture and protect the Discovery brand.
1. Support all aspects of Information Security Operations initiatives
2. Respond to day-to-day security requests from Sr. Director of Cyber Security Operations and the CISO.
3. Monitor and analyze Intrusion Prevention Systems (IPS), Anomaly Detection Systems (ADS), Splunk (SIEM) to identify and investigate potential security events and issues for remediation.
4. Proactively recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information
5. Evaluate/deconstruct malware (e.g. obfuscated code) through open-source and vendor provided tools
6. Trains and tasks other staff to analyze and review security event logs and incidents and remediate issues as necessary (i.e., staff management/supervisory experience is preferred)
7. Communicates and escalates security alerts, intrusions, and compromises to various IT groups in multiple locations.
8. Assists with the design and implementation of cybersecurity counter-measures or mitigating controls as necessary.
* Bachelor's degree from an accredited university in business or IT related discipline (may substitute with a minimum of 12 years of IT engineering and supervision experience)
* 5+ years of progressive experience with increasing responsibilities within a Security Operations environment
* 3+ years of IT security engineering work experience, including 2+ years in a cloud security environment
* 2-3 years of security architecture experience (Preferred: 1-2 years of working on cloud security - AWS)
* Security Information and Event Management (SIEM) experience such as Splunk
* Strong working knowledge of industry IT security tools. Experience with FireEye, RSAM, EnCase, Yara, OllyDbg, IDA Pro a plus.
* Must have a strong foundation of Network and Security skills, fundamental knowledge of Windows, Linux/UNIX Operating Systems, Palo Alto Next-Gen Firewalls/Tools (Panorama, Autofocus, Wildfire, etc.), networking protocols and traffic analysis, Akamai/AWS DDoS solutions (e.g., layer 3-4, layer-7 WAF, etc.)
* Subject Matter Expert-level skills in Incident Response and IDS/IPS Monitoring, Forensics, Malware Analysis
* Independent tasking and project completion with little supervision is a must
* Excellent analytical, problem-solving and interpersonal skills to interact with users, team members and sr. management
* Investigates, interprets, and responds to technical and/or complex IT security data. Demonstrated ability to work within matrixed resources in a team environment. Possesses strong organizational, time management and diplomacy skills.
* Engineering related certifications, extensive experience with IT security tools, working technical knowledge of network, server, storage and desktop hardware and software
* Desirable certifications include CISSP, GREM, GCIH, GCIA, CEH, CISM, GCED, GCFA, OSCP
* Must have the legal right to work in the US
VA, Virginia, Sterling, NOVA, Northern Virginia