Cybersecurity Engineer III Onsite role in Silver Spring, MD

Title: Cybersecurity Engineer III

Work Location: MD Silver Spring, DC, or ATL Techwood. (Hybrid)

Project Duration: 6 months

What We Do/Project

The WBD Security Engineering team empowers the WBD Global Information and Content Security (GICS) teams by supporting the Security Engineering, Security Architecture, Threat Detection and Response, and other Security teams/functions through the deployment, management, and maintenance of shared, reliable, and extensible security platforms/systems. The security engineer plays a key role in the GICS security engineering team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. Ideal candidates will have a mixture of security and systems engineering backgrounds to ensure that business processes are configured correctly and that security best practices are designed and implemented.

Job Responsibilities / Typical Day in the Role
Implement design reviews to evaluate security controls
Identify and communicate opportunities to enhance the security posture of WBD
Build and / or manage enterprise security platforms effectively
Communicate effectively across all levels of management to articulate WBD security goals and vision.
Identify and communicate opportunities to enhance the security posture of WBD
Build and / or manage enterprise security platforms effectively (SAAS, on premise or in Cloud)
Communicate effectively across all levels of management to articulate WBD security goals and vision.
Have a team player mentality; strive to contribute to team cohesion however can work independently if the need arises
Plan, design, engineer and implement security-related technologies
Understanding technical security issues, their implications within WBD business units and able to effectively communicate them to management and other business leaders.
Configure, troubleshoot, and maintain security infrastructure including software and hardware in cloud environments, as well as on-premises.
Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement.
Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals
Research and explore emerging security technologies and determine their appropriate use within the company.
Prepare, document, and create standard operating procedures and protocols.
Crosstrain and mentor other team members as needed

Must Have Skills / Requirements
1) Implementing advanced cyber security technology in a complex environment
a. 5+ years of experience; Hands-on experience in security engineering, hands-on experience in building, designing, and maintaining enterprise security tools.
2) Scripting experience (using Python, Go, or other equivalent languages)
a. 5+ years of experience.
3) Hands-on Experience with automation technologies
a. 3+ Years of experience; Terraform, Ansible, CloudFormation, etc.
4) Linux Experience.
a. 5+ years of experience; Ability to construct and maintain complex network infrastructures.

Technology requirements:
Engineer and administer security platforms including SIEM/SOAR systems, endpoint detection and response, vulnerability management, anomaly detection, and cloud analysis.
Experience in managing the Brinqa vulnerability management platform and experience with Groovy programming language
Must have 5+ years of scripting experience (using Python or other equivalent languages)
Hands-on Experience in public cloud infrastructures like AWS (Amazon Web Services)

Nice to Have Skills / Preferred Requirements
1) Security and Cloud certifications are a plus. (CISSP, Splunk Admin, AWS Solution architect).
2) Media/entertainment or distributed global network experience.

Soft Skills
1) Hands-on technical experience with networking and computing system architectures, specifically, the security aspects thereof.
2) Thorough understanding of information security principles, techniques, principles, policy frameworks, and best practices
3) Hands-on technical experience with compliance and regulatory frameworks and how they affect architecture designs and review

Education / Certifications
1) None required, but certifications preferred.