Cloud Security Architect
Discovery CommunicationsBellevue, WA
Full Time Job
The DCI Information Cloud Security Architect have direct responsibility for designing secure solutions for DCI Cloud base solutions. Ensuring systems are designed in a manner that meets any regulatory requirements as well as DCI security policies. The Security Architect is responsible for ensuring that the following activities are conducted, coordinated and applied consistently throughout the SDLC.
1. Perform information security assessments, prepare information systems security action plans, evaluate information security products, and perform other activities necessary to ensure a secure environment.
2. Implement the requirement of DCI and other information systems security policies, standards, baselines, guidelines, and procedures.
3. Reviewing current system security measures and recommend and implement enhancements.
4. Conducting regular system tests and ensuring continuous monitoring of network security is appropriate for current world threats.
5. Ensuring all personnel have access to the IT system limited by need and role.
6. Document detailed technical requirements and security baselines for technologies.
7. Authorize and review the results of major projects dealing with computer and network security.
8. Provide consultation to business lines on information security architecture.
9. Conduct after action reviews into any alleged computer or network security compromises, incidents, or problems and provide mitigating controls.
10. Research, design, understand and develop security solutions, technical and reference architectures, and support security strategies tailored to DCI business needs, with a focus towards Cloud Central services like AWS, Azure, and Google
11. Lead, develop and contribute to service deliverables with a security focus on IaaS, PaaS, and SaaS services, emphasizing AWS, Azure, and Google that requires partnership with Global Application/Product/Solution owners and project teams to deliver reliable and scalable security capabilities and strategies optimizing confidentiality, integrity, availability, functionality, performance, and financial costs; support ongoing business stakeholder dialog of security strategies, priorities and governance
12. Align and translate business requirements into secure solutions, designs and reference architectures for applications and products that can be leveraged by all professionals across DCI divisions
13. Perform as a subject matter professional on cloud technologies (and cloud technology security) with responsibilities to coach cloud central members and facilitate knowledge transfer within the greater Cloud Central groups
14. Familiar with cloud security controls such as AWS WAF, Configuration, and guardduty
15. Participate and act as a promoter and guardian of global standards and standard infrastructure services and solutions, while supporting audit processes for security and compliance strategies
16. Strong foundational knowledge in multiple information security domains such as access control, network security, operations security, application security, cryptography, computer forensics, security architecture and design, mobile device security, cloud security best practices
* One or more of the following certifications required:
o SSCP, CCSP, CISSP-ISSEP, CISSP ISSAP, GCED, GCCC
* performance and reliability
* Solid understanding of security protocols, cryptography, authentication, authorisation and security
* Good working knowledge of current IT risks and experience implementing security solutions
* Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
* Ability to interact with a broad cross-section of personnel to explain and enforce security measures
* Excellent written and verbal communication skills as well as business acumen and a commercial outlook
* Minimum of 7 years of security and/or IT experience required
* Able to provide computer forensic support to investigations in the form of evidence seizure, computer forensic analysis, and data recovery
* Experience knowledge of TCP/IP, networking design, and routing architectures
* Experience knowledge of network security systems and protocols, including firewalls, Radius and TACACS , IPSEC and IKE, SSH, etc.
* Ability to maintain proficiency in vulnerability and threat management best practices
* Ability to develop and implement security procedures and control
* Bachelors degree required masters preferred 10 years equivalent experience without a degree
* Extensive knowledge of NIST framework, CSC framework, CSF framework, ITIL, COBIT, PCI, HIPAA, SOX and ISO 2700x. Experience deploying, managing or developing processes in one of these frameworks is preferred.
* Must have the legal right to work in the United States
Bellevue, Washington, WA
As Discovery Inc’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, HGTV, Food Network, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.