Welcome to Warner Bros. Discovery, the stuff dreams are made of.
Who We Are
When we say the stuff dreams are made of, we're not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD's vast portfolio of iconic content and beloved brands are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what's next.
From brilliant creatives to technology trailblazers across the globe, WBD offers career-defining opportunities, thoughtfully curated benefits and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.
Your New Role:
As a Security Incident Responder, you will be an elite member of the global Discovery InfoSec Cybersecurity Incidents Response Team. You will be leading the incident response investigations for Discovery's internal customers, setting the world-class standards for professionalism, seniority, leadership, ownership and oversight.
You will work closely with fellow colleagues (InfoSec Incident Responders, Threat Intelligence and Threat Detection Experts, Security Threat Analysts, and SOAR, SIEM, NDR and EDR Security Engineering leaders) to take the visibility, protection and response capabilities continuously to the next level.
You will have tactical ownership of our global Managed Detection and Response SOC Provider, steering their efforts in the most desired direction to enhance our abilities to respond to modern cybersecurity threats.
You will report directly to the Senior Director Cybersecurity Incident Response within the Discovery InfoSec organization.
This role includes participation in a rotational on-call schedule for critical incident response outside regular business hours. Flexibility and readiness to support high-priority incidents are expected as part of our global cybersecurity operations.
Your Role Accountabilities:
Lead, steer and oversee the technical response to advanced cyber security incidents when triaged, investigated and escalated by the global SOC
Act as highest level of technical escalation for security incidents identified by Managed SOC Provider Analysts and Incident Responders
Establish priority and urgency on a wide spectrum of potential incidents and advise the appropriate response
Conduct investigations on infrastructure through forensic analysis to identify Indicators of Compromise (IoCs)
Lead the Intelligence-Driven, Hypothesis-Based Threat Hunting initiative and cultivate the hunt lifecycle across our massive global IT estate
Advise on the development of SOC runbooks and procedures through constant feedback and iterative improvement
Advise on the automation and orchestration playbooks, working closely with our InfoSec SOAR and ITSM Engineering
Advise on the security data collection and analytics, working closely with our InfoSec Platform Engineering and Architecture, SIEM, NDR and EDR included
Advise on Threat Detection and Threat Intelligence strategy to ensure comprehensive and relevant coverage across the MITRE ATT&CK Matrix and potential threat actors targeting the Company
Collaborate with and advise the Business Owners to contain and resolve security incidents within broad IT domains across the Company
Advise on the security posture improvements within the post-incident activities to take our cyber resiliency to the next level
Maintain incident reporting and communication strategy with senior InfoSec and Company Business Leadership
Qualifications & Experience:
We are looking for a full-package, seasoned Security Incident Response professional with a demonstrated track record in the industry. Thus we expect you to have broad experience in analyzing, triaging, scoping, containing, providing guidance for remediation and determining the root cause of cybersecurity incidents.
We expect intimate familiarity with the craft of collecting and analyzing security incident related data to identify indicators of attack and compromise.
An ideal Candidate would have a passion for learning new technologies and collaborating with other experts to find solutions, and have a calm and positive attitude with a sense of humor in the never-ending battle against the evolving threats.
4-6 years of experience with increasing responsibilities within Security Operations Center / CERT / CIRT / CSIRT / MDR environments
Comfortable familiarity with all aspects of the modern Incident Response lifecycle
Good understanding of the threats faced by direct-to-consumer and digital platform organizations
Hands-on technical experience with application security topics such as the OWASP Top 10
Hands-on technical experience with SIEM & logging tools (Splunk, Kibana, QRadar) and the ability to extract actionable intelligence from large-volume aggregated log storage
Hands-on technical experience with SOAR Platforms and the concepts of runbooks and automation
Knowledge and appreciation of MITRE ATT&CK Matrix and its practical applications
Solid knowledge of TCP/IP networking and protocols.
Hands-on technical experience with public cloud infrastructure and concepts, specifically cloud-native security tools
Working knowledge of network and content security systems such as NGFW, Proxy, Email Security, Routing and Switching
Familiarity with Identity Access Management and SSO brokers
Hands-on technical experience with open source and commercial proprietary threat intel tools for intelligence gathering
SANS GIAC Incident Response certifications (GSEC, GCIH, GCIA, GCFA, GREM) are a substantial plus
Other high-end cybersecurity and IT certifications are a plus
Solid time management and organizational skills
Solid communication and presentation skills
What's in it for you:
contract of employment
hybrid work
benefits package: private medical care, life and accident insurance, MyBenefit cafeteria platform, sports card, social fund, retirement pension plan, Employee Referral Program
free access to the HBO Max platform
work-life balance initiatives: well-being platform, yoga, massages, educational webinars, Employee Support Program, film screenings organized by employees in the office cinema
training and development: training platform, co-financing of English lessons, Employee Resource Groups, Engagement Club - the opportunity to develop your interests in thematic employee groups, online meetings with experts
CSR activities: volunteering, ecological and social initiatives
access to parking space
Hybrid Working - This role is advertised as a Hybrid work model that combines remote and in-office work, following our current company policy and to be agreed with your Line Manager. Subject to any applicable laws, WBD / your Line Manager reserves the right to change this working agreement where this is essential to business needs and upon reasonable notice to you.
How We Get Things Done
This last bit is probably the most important! Here at WBD our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.
Championing Inclusion at WBD
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.
If you're a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.
Full-Time