Information Security Engineer – Risk & Vulnerability Management
Warner Bros. has been entertaining audiences for more than 90 years through the world’s most-loved characters and franchises. Warner Bros. employs people all over the world in a wide variety of disciplines and we’re always on the lookout for energetic, creative people to join our team. We are currently seeking an Information Security Engineer – Risk & Vulnerability Management team.
Warner Bros. Technology (WBT) combines Warner Bros.’ industry-leading technologists and disciplines to ensure global alignment with business strategy and accelerated delivery of innovative technology solutions studio- and industry-wide. WBT manages the Studio’s enterprise systems and solutions, emerging platforms, information security, consumer intelligence, content mastering and delivery, and more.
What part will you play?
Do you love DC Comics, tv shows like the Big Bang Theory, and movies like Suicide Squad? Do you want to be part of a global brand that provides security to some of our most loved properties around the world? Do you possess the technical chop to secure our properties so we don’t get hacked?
As an Infosec Engineer on our RVM team you will make a big impact by identifying, managing, and remediating risk for system owners. You’ll evaluate infosec assessments and provide your expertise opinion and due diligence in working with our 3rd party vendors, systems, and solutions.
What will you do?
- Support enhancements and new development of pen testing tools.
- Coordinate and execute vulnerability testing and reporting on internal and 3rd party systems
- Direct network penetration tests of Intranet and Internet networks.
- Responsible for ongoing remediation tracking and reporting to ensure that identified vulnerability are addressed.
- Execute mobile and web application testing.
- Plan, coordinate, and execute application architecture and engineering reviews to help ensure that new services are secure by design.
What do we need from you?
- Smarts! A Bachelor’s Degree in Computer Science in Information Security or related field. If you do not possess a degree that’s okay too if you have Infosec tech chop.
- At least 3 years of Information Security experience working as a “red teamer” or on an RVM team.
- Unix Administration Experience (we will consider Windows too but we love open source).
- Experience with any types of vulnerability scanning tools. Qualys is big plus as you will be using this tool on a daily basis.
- Scripting in either one of these languages – Python, Bash, Shell, Perl, Ruby, etc.
- Cloud Security Experience – AWS, Azure, or proprietary cloud
- Strong understanding of OWASP’s secure application development guidelines.
- Awesome communication skills – This role will interact with stakeholders across WBT and includes executive leadership as well.
Bonus points for?
- Experience with media, production, and post production digital media systems and services.
- Experience with on-line and mobile gaming systems.
- Background in Incident Response (SOC/IR)