Sr Information Security Engineer
Discovery Communications, Sterling, VA
Full Time Job
The Sr Security Engineer will bring together aspects of systems engineering, operational security, software engineering, and networking to aid in developing secure systems. The engineer will also assist Security Architects by providing feedback and guidance as systems and processes are designed. The Sr Security Engineer will provide leadership guidance on the implementation of effective security administration processes for all platforms. In addition, this role will leverage existing security tools to ensure the proper protection of sensitive data and compliance with internal and external regulations and requirements. The Senior Information Security Specialist will also support the facilitation of information risk assessments and the adoption of the information risk framework.
1. Support all aspects of Information Security Operations initiatives
2. Respond to, manage and contain security incidents
3. Monitor and analyze Intrusion Prevention Systems (IPS), Anomaly Detection Systems (ADS), Splunk (SIEM) to identify and investigate potential security events and issues for remediation.
4. Perform forensics on compromised systems.
5. Provide SME support to GIS management and DCI business
6. Evaluate/deconstruct malware (e.g. obfuscated code) through open-source and vendor provided tools
7. Assist GIS management with project plans and deployment of security technologies
8. Train and task other staff to analyze and review security event logs and incidents and remediate issues as necessary (i.e., staff management/supervisory experience is preferred)
9. Contribute to the identification and definition of system security requirements and advise on the design of security monitoring infrastructure.
10. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
11. Configure and troubleshoot security infrastructure devices and ensure the proper operation of security processing routines.
12. Perform vulnerability assessments and application security evaluations utilizing recognized security assessment tools.
13. Help establish and maintain processes to monitor network traffic for anomalous activity.
14. Develop security test plans based on system architecture, dataflow and hardware and software profile information.
15. Apply INFOSEC best practice and principles to network protocols, architectures, equipment, services, standards and technology.
16. Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures.
17. Assist with the engagement and coordination of third-party security assessments.
18. Communicate and escalate security alerts, intrusions, and compromises to various IT groups in multiple locations
19. Assist with the design and implementation of cybersecurity countermeasures or mitigating controls as necessary
20. Maintain job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; and participating in professional organizations.
21. May perform other duties as assigned.
* One or more of the following certifications required:
o GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred but 7 years of experience and demonstrated knowledge accepted
* Able to maintain proficiency in tools, techniques, and countermeasures in network vulnerabilities
* Able to identify, monitor, and investigate computer and network intrusions
* Strong time management and organizational skills required
* Strong customer service, communication, and presentation skills required
* BS degree in computer science or computer engineering preferred; will consider applicants with equivalent work-related experience with a minimum educational requirement of a high school diploma or GED equivalent
* 5 years of progressive experience with increasing responsibilities within a Security Operations environment
* 3 years of IT security engineering work experience, including 2 years in a cloud security environment
* 2-3 years of security architecture experience (Preferred: 1-2 years of working on cloud security - AWS)
* Able to provide computer forensic support to investigations in the form of evidence seizure, computer forensic analysis, and data recovery
* Experience with and knowledge of TCP/IP, networking design, and routing architectures
* Experience with and knowledge of network security systems and protocols, including firewalls, RADIUS and TACACS, IPsec and IKE, SSH, etc.
* Ability to develop and implement security procedures and controls
* Must have legal right to work in the United States.
Sterling, Virginia
As Discovery Inc’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world-class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals who are using the latest tools and resources to protect our assets, from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.