Discovery Inc is the world’s #1 pay-TV programmer reaching 2.7 billion subscribers in more than 220 countries and territories. Global Technology & Operations provides technological infrastructure and operations support to ensure audiences can enjoy Discovery's programming around the world and across platforms. Already a leader in the factual and lifestyle genres, Discovery has expanded its core business into new genres: sports, entertainment and kids. Its platforms and product eco-systems are now engaged in terrestrial/free-to-air, OTT products and content development/production companies.
The Cyber Security Engineer will play a key role in supporting Discovery Inc's 24x7x365 Security Operations Center (SOC). This is a technical security operations role with a core focus on continuous monitoring, incident response and threat intelligence activities, utilizing internal and external resources. The role requires working across multiple global organizations and service providers to effectively monitor for suspicious activity, make recommendations to improve the security posture and protect the Discovery Communication brand.
This position can be based in Sterling, VA or Knoxville, TN.
1. Support all aspects of Information Security Operations initiatives
2. Respond to, manage and contain security incidents
3. Monitor and analyze Intrusion Prevention Systems (IPS), Anomaly Detection Systems (ADS) and Splunk (SIEM) to identify and investigate potential security events and issues for remediation.
4. Perform forensics on compromised systems.
5. Provide SME support to GIS management and DCI business
6. Evaluate/deconstruct malware (e.g. obfuscated code) through open-source and vendor-provided tools
7. Assist GIS management with project plans and deployment of security technologies
8. Train and task other staff to analyze and review security event logs and incidents and remediate issues as necessary (i.e., staff management/supervisory experience is preferred)
9. Contribute to the identification and definition of system security requirements and advise on the design of security monitoring infrastructure.
10. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
11. Configure and troubleshoot security infrastructure devices and ensure the proper operation of security processing routines.
12. Perform vulnerability assessments and application security evaluations utilizing recognized security assessment tools.
13. Help establish and maintain processes to monitor network traffic for anomalous activity.
14. Develop security test plans based on system architecture, dataflow and hardware and software profile information.
15. Apply INFOSEC best practice and principles to network protocols, architectures, equipment, services, standards and technology.
16. Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures.
17. Assist with the engagement and coordination of third-party security assessments.
18. Communicate and escalate security alerts, intrusions and compromises to various IT groups in multiple locations
19. Assist with the design and implementation of cybersecurity counter-measures or mitigating controls as necessary
20. Maintain job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; and participating in professional organizations.
21. May perform other duties as assigned.
* 5+ years of progressive experience with increasing responsibilities within a Security Operations environment
* 3+ years of IT security engineering work experience (including 2+ years in a cloud security environment)
* 2-3 years of security architecture experience (Preferred: 1-2 years of working on cloud security - AWS)
* Understanding of and able to reference NIST framework, CSC framework, CSF framework, ITIL, COBIT, PCI, HIPAA, SOX and ISO 2700x.
* Certifications: GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred, but 7+ years of experience and demonstrated knowledge accepted
* Education: Bachelor's degree required, engineering degree preferred; 7 years equivalent experience without a degree
* Frameworks/Standards: Extensive knowledge of NIST framework, CSC framework, CSF framework, ITIL, COBIT, PCI, HIPAA, SOX and ISO 2700x. Experience in referencing frameworks and developing requirements from the frameworks
* Candidate must be able to engage at any time to respond to an incident.
* This position is considered an essential position. This means that during times of inclement weather, emergencies, or when access to the workplace may be impeded, that employees in this position are expected to report to work to support business continuance, unless otherwise instructed by his/her direct manager.
* Must have the legal right to work in the United States