Warner Bros. Entertainment, Inc. is a global leader in all forms of entertainment and their related businesses across all current and emerging media and platforms. A Time Warner Company, the fully integrated, broad-based Studio is home to one of the most successful collections of brands in the world and stands at the forefront of every aspect of the entertainment industry from feature film, television and home entertainment production and worldwide distribution to DVD, digital distribution, animation, comic books, video games, product and brand licensing, international cinemas and broadcasting.
We are seeking a Director, Information Security for the GCC Information Security & Compliance department. As a member of the Information Security and Compliance Team, this role will include, but not be limited to, all aspects of Threat & Vulnerability Management and Incident Response. This Director requires deep technical expertise in assessing and reporting security risks in applications, infrastructure, and business processes, along with experience leading organizational efforts to detect security risks and lead Incident Response activities.
The Director, Information Security is also responsible for performing and/or managing: incident analysis and management, risk assessments, vulnerability assessments / penetration testing (infrastructure and applications). The ideal candidate will have a strong background in applications and technologies to support Information Security operations, such as Firewalls, IDS/IPS, Antivirus – Endpoint protection, BotNet-CnC/APT Detection, Vulnerability Scanners, Log Aggregation and Analysis/SIM/SIEM, Data Analytics, and Security Intelligence.
The Director, Information Security will:
- Exercise or support the preparedness of various parts of WBEI’s organization to respond to IT security incidents
- Lead the Crisis Management Team for Security Incidents across WBEI’s organization.
- Act as a liaison throughout the entire organization in support to Time Warner cross-divisional security incidents, instigate the IT security incident response process, and execute decision authority to the extent of the role within that process.
- Ensure execution of the incident response process to the resolution of the incident.
- Perform risk assessments of systems and collaborate with WBEI’s staff and third parties to mitigate findings.
- Develop practical and viable enterprise security architecture strategies which are aligned to the business and MIS objectives
Desirable candidates will have the following qualifications:
- Bachelor's degree or greater; CISSP certification
- 8+ years of technology experience, including troubleshooting and performing root cause analysis
- 5+ years of demonstrated experience managing a high-performing, cohesive security response team
- 5+ years of hands-on IT security risk assessment
- 5+ years of experience with vulnerability management
- Must have in-depth knowledge of the following:
- Methods and motivations adopted by hackers to attack IT platforms and automated information systems
- IT security incident management processes and tools
- IT operations and support organizations
- IT security risk assessment
- IT security forensic techniques and tools