Sr. Security Analyst

Job Description

Welcome to Warner Bros. Discovery the stuff dreams are made of.

Who We Are

When we say, the stuff dreams are made of, we're not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD's vast portfolio of iconic content and beloved brands, are thestorytellersbringing our characters to life, thecreatorsbringing them to your living rooms and thedreamerscreating what's next

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

As a Senior Security Analyst, you will be an important member of the Warner Bros. Discovery Global Information and Content Security (GICS) team. This is a key role that will support Bug Bounty program and Attack Surface Management program, as part of the team within Application Security.

This role will triage vulnerability reports submitted to our Bug Bounty program and Attack Surface Management program. This role will work closely with other functions in the Application Security team (Engineering, Testing, and Vulnerability Management) to improve the overall security posture of Warner Bros. Discovery.

Job Responsibilities

- Support GICS Bug Bounty and Attack Surface Management programs.
- Triage vulnerability reports submitted to our Bug Bounty program this includes tracking and responding to submissions, reproducing and chaining vulnerabilities, coordinating with teams to triage and resolve issues, and providing feedback to security researchers.
- Assess vulnerability impact, risk, and escalate possible security incidents.
- Managing and maintaining enterprise attack surface management capabilities
- Provide actionable remediation feedback for findings and/or long-term risk mitigation guidance
- Provide clear communication on the issue to application owners and verify the efficacy of vulnerability remediations.
- Share learnings from the bug bounty program with adjacent security teams within the company as needed.
- Leverage learnings from the program to identify vulnerabilities in software applications and software designing processes to reduce security risks.
- Develop tooling to help automate vulnerability discovery and scanning for issues at scale.
- Advise application owners on violations of defined application security standards on targets tested for vulnerabilities
- Partner with developers to drive improvement in application security as a result of security assessment engagements
-

Qualifications & Experiences

- Hybrid work environment. Must be based in the WBD's office, minimum three days/week
- A bachelor's degree in computer science, Cybersecurity, or other related fields, from an accredited university or an equivalent professional experience may suffice in lieu of a bachelor's degree
- 4+ years of experience in application security testing, code review, bug bounty hunting, or red teaming/capture the flag experience
- Experience conducting root cause analysis of vulnerabilities and determining feasible technical solutions
- Professional experience with web application security, network security, authN/authZ protocols, cryptography, automation, and other software security
- Experience in scripting in Python or other languages to build automation tools
- Must be a team player with excellent written and verbal communication skills
-

Preferred Qualifications

- Exposure to popular Application and API security standards including OWASP ASVS, OWASP Top 10, and OWASP Mobile Top 10.
- Prior experience managing or hunting on Bug Bounty programs.
- CEH, OSCP or equivalent certification.
- Experience working as part of a global team.
-

How We Get Things Done

This last bit is probably the most important Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

Championing Inclusion at WBD

Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.

If you're a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.

---