Sr. Director, IT Security Architecture and Engineering
Discovery CommunicationsSterling, VA
Full Time Job
The Sr. Director, IT Security Architecture and Engineering will report to the VP, InfoSec Ops, Architecture & Engineering. The candidate will be the 2nd in command to the VP, InfoSec Ops, Architecture & Engineering, assist in all facets of operational security leadership and additionally, assume all leadership responsibilities in their absence. This is a critical leadership role responsible for Strategic Planning, guidance, definition, and design of enterprise-wide security architecture initiatives to effectively and securely support the organization in meeting specific business technology needs. This candidate will be considered a technical expert and a leader. Ideal candidates will have the following expectations, implement design reviews to evaluate security controls and identify opportunities to enhance the security posture of Discovery business environments, communicate effectively across all levels of management to clearly articulate vision and direction and act as a mentor to all members of the Infosec team if required. Ideal candidates will also be expected to ensure adoption and support of security tools ranging from vulnerability scanners to EDR frameworks and SIEM operations.
• Provide technical leadership and management of Security projects from conception through deployment and handover.
• Assist the VP of Infosec Operations, Architecture & Engineering with technical direction and vision for implementing the infosec strategy for Discovery
• Manage and lead technical staff in accordance with Discovery’s policies and structures
• Approve actions on human resources matters, including salary and budget administration
• Collaborate with our corporate functions including Internal Audit, Legal and Compliance, Privacy, and Sourcing to ensure that Discovery maintains a strong cybersecurity posture.
• Develop and manage the related budget and develop strategic plans to invest resources to efficiently reduce cyber risk.
• Develop and maintain a comprehensive vision and strategy for enterprise-wide security architecture and engineering initiatives in order to effectively and securely support the organization in meeting specific business technology needs.
• Drive consideration of cybersecurity tools and datasets to enhance detective and preventative control sets.
• Understand technical security issues and the implications to Discovery businesses and be able to communicate them to management and other business leaders.
• Understand emerging security technologies and determine the appropriate use within business applications.
• Maintain and enforce Discovery’s cybersecurity policies and secure design documentation.
• Execute and improve on Discovery’s security architecture review process and ensure compliance for all business initiatives.
• Maintain and enhance cybersecurity tools and ensure full adoptions and peak operational performance.
• Design and implement new custom solutions through automation and custom scripting.
• Bachelor’s Degree in Computer Science, Engineering, or other related discipline or 10 years of previous technical experience, specifically security architecture experience.
• Security certifications are a plus. (CISSP, CISM, CISA, SANS, Security , etc.)
• 5 years of supervisory or management experience in a technical security environment
• Capable of directing technical teams towards methodical and expedient analysis of complex business architectures in a high stress and visibility environment.
• Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
• High degree of familiarity with all aspects of the incident response lifecycle.
• Good understanding of the threats faced by direct to consumer and digital platform organizations.
• Working knowledge of at least one programming language (Python, Go etc.)
• Hands on technical experience with cloud infrastructure and concepts, specifically the security aspects thereof.
• Hands on technical experience with application security topics such as the OWASP top 10.
• Hands on technical experience with SIEM & logging tools (Splunk, Kibana, Qradar) and the ability to extract actionable intelligence from large volume aggregated log storage.
• Hands on technical experience with vulnerability scanners and EDR toolsets.
• Hands on technical experience with Network and Compute architectures and, specifically the security aspects thereof.
• Hands on technical experience with compliance and regulatory frameworks and how they affect architecture designs and reviews
• Must have the legal right to work in the United States