Sr. Cybersecurity Architect Engineer
Discovery CommunicationsSterling, VA
Full Time Job
As Discovery Communications’ portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery Communications. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport, Olympics Games Broadcasts in Europe, and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.
The Sr. Cybersecurity Architect / Engineer will be responsible for designing, documenting, developing and deploying Information Security related solutions, systems and technologies for use within the Discovery Communications network. This role requires strong engineering skills, an inquisitive and resourceful nature to challenge security controls, ability to continuously monitor services and conduct assessments on a variety of technologies, involving enterprise networks, web applications, mobile devices, “Internet of Things”, set-top boxes, and private wireless systems. This position is located in Sterling, VA.
The Sr. Cybersecurity Architect / Engineer will work closely with the Sr. Director of InfoSec Architecture and Engineering, and Discovery’s Broadcast, Digital, and Infrastructure teams to deploy appropriate, risk-based safeguards and technical security controls. Other responsibilities include:
1. Evaluate, deploy and support Information Security technologies, processes and workflows
2. Conduct cyber analysis and network monitoring
3. Research emerging cybersecurity threats and zero-day vulnerabilities
4. Develop and execute security assessment test plans, document and present results to customers
5. Monitor and maintain real-time monitoring infrastructure and assessment toolkits
6. Engineer, implement, and review security solutions to meet an ISMS framework
7. Perform design analysis, review, piloting, and selection of security technologies that meet specified requirements
8. Identify and define system security requirements and security baselines for the various classes of assets and environments (desktops, servers, networks, firewalls, devices, applications, cloud, and other technologies) in use at Discovery or its partners
9. Identify and address Information Security control gaps, abnormal behaviour patterns and attack techniques to enhance the security program and safeguard the Discovery environment
10. Work collaboratively and proactively across the organization to remediate security gaps
11. Review Technical Architecture and Delivery for Web Client and Content Delivery Platforms
12. Work closely with Product Managers and Technical Teams to understand technical requirements across multiple Digital Media (DevOps) Program Teams
13. Understand and recommend security controls for the rapid development of consumer facing prototypes to identify technical options and inform architectural approaches
14. Review developer’s code, provide feedback and perform security and risk assessment for consumer facing applications, services, and future technology
15. Evaluate and recommend best of breed, secure technology stack for interactive consumer experiences across web and mobile devices.
* 6 years of cybersecurity architecture and/or engineering, with a Bachelor’s degree or higher in related field
* Excellent written and oral communication skills and a solid foundational IT/Digital/Broadcast knowledge
* Broad knowledge of IT Security technologies, process, and techniques and a strong understanding of information security industry best practices
* Experience cybersecurity engineering and deploying cybersecurity solutions in a public cloud environment (IaaS, PaaS, SaaS)
* Knowledge of TCP/IP, DNS, HTTP, HTTPS, VPN
* Experience with Unix/Linux and Windows operating systems in an Active Directory environment
* Experience with network security infrastructure; e.g. firewalls, proxies, WAFs, DLP, IDS/IPS, malware detection, packet capture and analysis tools, etc.
* Experience with endpoint security technologies such as antivirus and advanced endpoint detection and response
* Experience with security logging, event correlation, and Security Information Event Management (SIEM)
* Experience with Splunk Enterprise Security is a plus
* Experience with Forensics/eDiscovery tools and Incident Response best practices
* Experience with Database Activity Monitoring tools
* Some experience scripting/programming experience in Python, Perl, PowerShell or Bash.
* CISSP, SANS GIAC, Security , Network , Linux , MCSE, RHCE or CCNA-Security certifications are highly desired
* Experience working in a large government or corporate enterprise environment
* Experience Architecting and Engineering security in Public and Private Cloud environments
* Experience in secure coding and software development in various languages (C#, .NET, Java etc.)
* Excellent knowledge of software and application design, delivery, and architecture (Agile, DevOps, CICD, etc.)
* Excellent knowledge of UML and other modeling methods (preferred)
* Familiarity with software deployment, integration and configuration tools (Jenkins, Docker, Puppet)
* A technical mindset with great attention to detail
* High quality organizational and leadership skills
* Outstanding communication and presentation abilities
* MSc/MA in computer science, engineering or relevant field
* Must have the legal right to work in the US