Requisition ID 14739
As Discovery Communications’ portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery Communications. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.
The Cyber Security Engineer will play a key role in supporting Discovery Communications 24x7x365 Security Operations Center (SOC). This is a technical security operations role with core focus on continuous monitoring, incident response and threat intelligence activities, utilizing internal and external resources. This role will require one to work across multiple global organizations and service providers in order to effectively monitor for suspicious activity as well as make recommendations to improve the security posture and protect the Discovery Communication brand.
1. Support all aspects of Information Security Operations initiatives
2. Respond to day-to-day security requests from the Director of Information Security Operations and the CISO.
3. Monitor and analyze Intrusion Prevention Systems (IPS), Anomaly Detection Systems (ADS), Splunk/ArcSight/QRadar (SIEM) to identify security issues for remediation.
4. Proactively recognizes potential successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
5. Evaluate/deconstruct malware (e.g. obfuscated code) through open-source and vendor provided tools
6. Tasks other analysts to analyze the IDS and remediate security issues found
7. Communicates alerts to IT groups regarding intrusions and compromises to their network infrastructure, applications and operating systems
8. Assists with implementation of counter-measures or mitigating controls.
• Bachelor Degree from an accredited university in business or IT related discipline (may substitute with a minimum of 12 years of IT engineering and supervision experience)
• 5+ years of progressive experience with increasing responsibilities within a Security Operations environment
• 8+ years of IT security engineering work experience
• 5+ years of security architecture experience
• Security Event Information Management (SEIM) experience such as Splunk
• Strong working knowledge with industry IT security tools. Experience with FireEye, RSAM, EnCase, FireEye, Yara, OllyDbg, IDA Pro a plus.
• Must have a strong foundation of Network and Security skills, fundamental knowledge of Windows, Linux and Cisco operating systems, networking protocols and network traffic analysis, and information security
• Subject Matter Expert-level skills in Incident Response and IDS Monitoring, Forensics, Malware Analysis
• Independent tasking and project completion with little supervision is a must
• Excellent analytical and problem solving skills as well as interpersonal skills to interact with users, team members and senior management;
• Investigates, interprets, and responds to technical and/or complex IT security data. Demonstrated ability to work within matrixed resources in a team environment. Possesses strong organizational, time management and diplomacy skills.
• Engineering related certifications, extensive experience with IT security tools, working technical knowledge of network, server, storage and desktop hardware and software
• Desirable certifications include CISSP, GREM, GCIH, GCIA, CEH, CISM, GCED, GCFA, OSCP
• Must have legal right to work in the United States