Log In
Forget Password?

  Application Security Engineer
Employer: Discovery Communications Job Posted: 1/14/2020
Location: Bellevue, WA Job Status: Full Time

Job Description:

Requisition ID 23651

Position Summary

The Application Security Engineer to work closely with Discovery’s Information Security and Direct-to-Consumer (DTC) teams on initiatives to protect data, services, and technology assets and to design, deploy appropriate, risk-based application security safeguards and technical application security controls.

This is a key role within the Information Security organization that will be focused on application security for our streaming media service and other supporting applications. The Application Security Engineer will be a valued partner to development and engineering teams to ensure secure architectures, patterns, and solutions are created and maintained. This person will work closely with Discovery’s DTC application teams and will build a community of practice with developers within DTC to support effective communication and collaboration. This person will be the subject matter expert for secure code development and will work with various application engineering teams to develop alternatives for remediation of vulnerabilities.


1. Create and run secure code assessments with various application and services engineering teams
2. Run, maintain, and utilize security tools for the Appsec program, e.g., static and dynamic code analysis tools
3. Work with Red Teams and penetration testers to facilitate exercises and work with application developers and engineering teams on remediation
4. Assist with code reviews
5. Review and contribute to application designs and solutions
6. Participate in information security operations duties, including occasional incident response escalations
7. Perform risk and threat assessments
8. Evaluate and support application security technologies, processes and workflows on multiple platforms (e.g., Server/Client, Mobile, Tablet, etc.)
9. Develop and execute security assessment test plans
10. Collaborate with development teams to ensure secure coding best practices are followed
11. Review developers’ codes, provide feedback and perform security and risk assessment for consumer-facing applications, services, and future technology
12. Create/make pull requests to review and merge code in Git/GitHub or similar DVCS
13. Identify and define application security requirements and security baselines for the various classes of assets and environments in use at Discovery or its partners
14. Work collaboratively and proactively across the organization (e.g., Technical Architects/Leads, Product managers, Digital Media Program (AGILE) Teams, etc.) to support and remediate security vulnerabilities
15. Understand and recommend security controls for the rapid development of consumer-facing prototypes to identify technical options and inform architectural approaches
16. Identify and recommend best-of-breed security stack and controls for interactive consumer experiences across web and mobile devices. (i.e., project, customer, and vendor management skills)


• 4+years’ experience with application security
• Experience in application development with at least one modern programming language
• Knowledge of OWASP
• Knowledge of DevOps and Agile methods
• Hands on experience performing code reviews and with associated applications such as static and dynamic code analysis tools
• Knowledge of web application architectures
• Knowledge of threat modeling
• Broad knowledge of IT Security technologies, process, and techniques and a strong understanding of application security leading practices including OWASP and CWE.
Experience in code reviews, business logic assessment, and application security testing
• Experience w/public cloud environments (IaaS, PaaS, SaaS)
• Familiar with application security tools like BurpSuite Pro, SAST, DAST, nmap, Metasploit, and Kali Linux, etc.
• Experience in secure coding and software development in various languages (C#, .NET, Java etc.)
• Experience working with Agile development/Scrum teams, and enthusiastically incorporate security requirements into SDLC (CI/CD) with product owners/managers
• Familiarity with HTML/CSS, JavaScript and UI/UX design and software quality assurance principles
• Excellent communication and presentation abilities with great attention to detail
• Must have the legal right to work in the United States

Preferred Qualifications

• Other security experience such as application security incident handling, secure architecture, information security operations, GRC, etc.
• Experience working with and coding in Python, Node.js, JavaScript, Go, Ruby, PowerShell, Bash, and Scala. (SDK and RESTful API design/development is preferred)
• Cloud technology, specifically AWS

To Apply:


Entertainment Jobs in The Sports Industry

Search Jobs in TV, Radio, Film, Live Events and More


Want More Jobs Like This?
We love helping you with your job search -- we make it even easier by delivering the best jobs to your inbox.

Configure Job Alerts

A Few Related Jobs
Application Security Engineer
IT Security Engineer III
Principal Engineer Network Security
Maintenance Engineer
Chief Engineer
Sr. Content Metadata Engineer - Max
Senior JAMF Systems Engineer
Chief Engineer
Senior DevOps Engineer
Cloud Security Architect
Software Development Engineer I
Staff Engineer
Engineer I, Software
Chief Engineer
Security Guard
Senior Production System Engineer
Broadcast Maintenance Engineer
Staff Radio Engineer
Software Engineer
Senior Systems Engineer

We're Working For You!

Instead of spending massive amounts of time and energy searching through catch-all job sites or bookmarking hundreds of employer career pages and visiting them daily - instead of doing all the tedious work yourself, we do it for you.

Our staff is hard at work finding jobs from every entertainment employer and putting it all in one place, so you don't have to.

We�re the best at what we do and we'll prove it. Your satisfaction is guaranteed.

When you're ready to put your job search into high gear, upgrade your account and get full access to every entertainment job right now. While you're focused on getting the right job, we�ll make sure you don't miss any!


About Us  |  Career Advice Blog  |  Employer Directory  |  Contact Us
© 2012-2020 Work In Entertainment, LLC. Terms of Use | Privacy Policy.