Cyber Security Engineer

Position Summary

Our Team/Summary

As Discovery Communications’ portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world-class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms. From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.

Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery Communications. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals who are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.

The Role 

The Security Engineer will be responsible for designing, documenting, developing and deploying the various facets of Information Security-related systems and technologies for use within the Discovery Communications network.

This role requires strong engineering skills, a well-developed inquisitive and resourceful nature to review and challenge security controls, and the ability to work with and enhance continuous monitoring services, conduct assessments and reviews, and guide the implementation of a variety of technologies involving enterprise networks, web applications, mobile devices, the “Internet of Things”, end user devices, and private wireless systems.

Responsibilities

1. Conduct daily cyber analysis and network review of the Discovery suite of applications
2. Research emerging cybersecurity threats and zero-day vulnerabilities
3. Experience in implementing security solutions to ISO standards
4. Ability to perform design analysis, RFP sourcing, review, piloting, and selection of security technologies that meet IA requirements
5. Creation of documentation, checklists, and baselines for security technologies
6. Serve as a security resource to other departments in the resolution of complex technical problems and issues
7. Participate in meetings, proposals/response cycles, and Security Operations reviews to define and enumerate proper security solutions as appropriate
8. Engineer, implement, and review the various security measures and tools for the protection of Discovery computer systems, networks and information
9. Identify and define system security requirements and security baselines for the various classes of assets (desktops, servers, networks, firewalls, devices, applications, and other technologies) in use at Discovery or its partners
10. Design system security solutions based on Enterprise Architecture requirements and develop detailed security designs to implement architectural roadmaps
11. Prepare and document standard operating procedures, baselines, and operational protocols for the various devices in use at Discovery
12. Configure, review, and troubleshoot problems and issues with security infrastructure devices with an eye towards enhancement and improvement in posture
13. Develop technical solutions and research emerging security tools to mitigate security vulnerabilities and automate repeatable tasks
14. Partner with the Security Operations group to provide knowledge and insight on security incidents
15. Produce comprehensive reports including assessment-based findings, RFP responses, incident outcomes and proposals for further security enhancement tools and technologies in response to emerging and existent threats.

Requirements

Minimum 4 years of direct experience in the security field
Excellent written and oral communication skills and a solid foundational IT knowledge
Experience with both Windows and Linux platforms in a 24/7 production environment
Hands-on experience with implementation, Enterprise Applications, security tools such as IDS/IPS, Anti-virus, Endpoint Management, and experience with Virtualization Technology such as VMware or VirtualBox
Experience with Active Directory, concepts of three-tiered application model, firewalls and internet proxy devices, as well as best practices for configuring and implementing security devices
Experience in reviewing Splunk and/or Syslog events to determine security requirements and issues
Experience interfacing with a Security Information Event Management (SIEM)
Experience with Log management tools (i.e. Splunk)
Understanding of Vulnerability assessment tools and Network analysis / sniffer tools
Experience with deploying Patch management tools
Knowledge of and experience with Advanced anti-virus and endpoint protection a plus
Detailed knowledge of traditional Anti-Virus/Malware tools
CISSP, SANS GIAC, Security+, Network+, Linux+, MCSE, RHCE or CCNA-Security certifications are a plus
Must have legal right to work in the United States
Knowledge of Palo Alto firewalls and related applications
Juniper/Tipping Point support in legacy mode
Advanced endpoint protection and mitigation tools (Sentinel One, Cylance, Bromium, Bit9/CB, etc)
Advanced forensics and analysis tools (Encase E-Discovery, etc)
Advanced IDS/IPS detection tools (Palo Alto, FireEye, etc)
Configuration management/monitoring tools (Tufin, Firemon, etc)
Windows 8 and 10 security configuration
Knowledge of ISO27001 standards

