Full Job Description
Location New York, New York
Position Type: Full Time
Job ID 178184BR
WarnerMedia is a leading media and entertainment company that creates and distributes premium and popular content from a diverse array of talented storytellers and journalists to global audiences through its consumer brands including: HBO, HBO Max, Warner Bros., TNT, TBS, truTV, CNN, DC Entertainment, New Line, Cartoon Network, Adult Swim, Turner Classic Movies and others.
45 years ago, we changed the face of television, and we continue that today by building and delivering next-generation entertainment and technology solutions across the globe. Our innovations impact advertising, data management, information security, content creation and delivery, business operations, broadcasting and ultimately, the fan experience.
As a technologist at WarnerMedia, you will work at the intersection of art and science. You’ll work for brands that inform and entertain the world including [adult swim], Bleacher Report, Boomerang, Cartoon Network, CNN, ELEAGUE, Great Big Story, HLN, iStreamPlanet, TBS, Turner Classic Movies (TCM), TNT, truTV and Turner Sports- which includes the NBA, NCAA March Madness, Major League Baseball and the UEFA Champions League. You’ll be part of a company that enables community and belonging by creating content that connects with fans when, how and where they want it.
Sr. AppSec Analyst leads web application security remediation initiatives for the WarnerMedia Cybersecurity Office and serves as an active member of teams that define the application security strategy. A combination of technical acumen and creative thinking is necessary to address matters of threat identification and mitigation. Unlike other security organizations, a consultative and collaborative mindset is of paramount importance.
The successful individual will:
Serve as a subject matter expert for all matters relating to remediation of web application security vulnerabilities and container security vulnerabilities
Leverage a combination of tools such as static analysis (SAST), dynamic analysis (DAST), container registry scanners to identify web application vulnerabilities, vulnerable dependencies, and vulnerabilities within source code
Consult with various development teams to facilitate the closure of web application vulnerabilities
Own the remediation of security vulnerabilities identified through bug bounty programs.
Stay apprised of security risks with Content Management Systems such as Drupal, Wordpress, and in-house developed CMS.
Develop capabilities necessary to monitor and detect web application attacks using web application firewalls, security scripts, tools, and services
Understands vulnerabilities at an application, database, operating system and network level
Provide technical input to security risk assessments
Lead multiple complex projects and initiatives and use discretion when negotiating priorities
At least 3 years’ experience in web application space with a minimum 2 years information security experience.
1 year experience with identifying vulnerabilities associated with the OWASP Top 10.
Must have experience working with Information Security programs.
Must have experience with security vulnerability scanners and application scanners (Burp, ZAP, IBM AppScan, Whitehat).
Demonstrated ability to successfully perform analysis, support, training, reporting, testing, and project management across multiple, complex system implementations with custom and third-party applications
Advanced problem solving and analytical skills
Paid time off every year to volunteer
Access to well-being tools, resources, and freebies
2018 Best Company for Working Mothers
2018 Best Company for Dads
An in-house learning and development team to help shape and grow your career
Part of the WarnerMedia family of powerhouse brands
Warner Media, LLC and its subsidiaries are equal opportunity employers. Qualified candidates will receive consideration for employment without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.