Mgr - Information Security Vulnerability
Discovery Communications
Sterling, VAThis was removed by the employer on 1/7/2019 6:31:00 AM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Browse the TV Network Category
Search for Mgr - Information Security Vulnerability jobs in Sterling-VA
Search all Mgr - Information Security Vulnerability postings
Full Time Job
Our Team
As Discovery’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.
The Role
The Manager of Vulnerability Management will lead the vulnerability team and lifecycle from detection through analysis, remediation, and verification. This individual will be responsible for translating results into prioritized remediation action items for global support groups. The Manager defines a scalable strategy for staying ahead of vulnerabilities across a large scope including both on-premise and cloud environments. As such, he/she must have effective written and communication skills paired with a technical background.
Responsibilities
1. Work with a team of resources comprised of on-/off-shore suppliers and employees in day-to-day monitoring, supporting, maintaining and enhancing a set of vulnerability management systems
2. Advance the VM program to keep up with the constantly changing threat and IT landscapes
3. Manage the VM team, including 24/7 coverage to address immediate threats or security incidents
4. Evaluate and advise the Risk Management team and business on whether to mitigate, transfer, or accept residual risk of vulnerabilities
5. Produce complex metrics for VM via API calls, SQL, and front-end dashboard development
6. Integrate ServiceNow into the VM workflow and reporting processes
7. Develop and implement automated tools and scripts for TVM as needed
8. Drive remediation of external penetration test findings
9. Continuously analyze threat and intelligence feeds to prioritize remediation
10. Assist in the development, maintenance, and implementation of security policies and procedures
11. Ensure that policies and procedures are implemented and enforced through both manual and automated controls
12. Provide management status reports and escalations on all VM requests and incidents
13. Participate in the remediation of audit findings as needed
14. Participate in various security activities, including special projects and documentation
15. Able to be on call for incidents and problems as needed
16. May perform other duties as assigned
Requirements
* One or more of the following certifications required:
o CISSP (Certified Information Systems Security Professional)
o IT/Security Vendor Certifications (e.g. Cisco, Microsoft, RSA)
o GIAC/ GSEC (Global Information Assurance Certification – Security Expert)
o GIAC/ GCIA (Global Information Assurance Certification – Certified Intrusion Analyst)
* Strong leadership skills with a proven track record of building and growing a high performing team
* Proficient in at least one scripting language and SQL
* Able to conduct vulnerability testing and analysis of computers, networks, and applications
* Able to maintain proficiency in tools, techniques, and countermeasures in network vulnerabilities
* Able to identify, monitor, and investigate computer and network intrusions
* Strong time management and organizational skills required, including ability to adapt to constantly changing priorities
* Strong customer service, communication, and presentation skills required
* BS degree in computer science or computer engineering preferred; will consider applicants with equivalent work-related experience with a minimum educational requirement of a high school diploma or GED equivalent
* Minimum of 8-10 years of security and/or IT experience required
* Understanding of network security systems and protocols, including firewalls, Radius and TACACS , IPSEC and IKE, SSH, etc.
* Ability to maintain proficiency in vulnerability and threat management best practices
* Ability to develop and implement security procedures and controls
* Must have the legal right to work in the United States
Sterling, Virginia, VA