Incident Responder

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

Warner Bros. Discovery (WBD) is seeking a highly skilled Incident Responder to spearhead cybersecurity investigations, coordinate response efforts, and strengthen WBD’s overall security posture. This role requires an experienced security professional who can lead complex investigations, optimize incident response processes, and act as the resident SME for host, network, and cloud forensics.

You will be responsible for managing security incidents from detection to resolution, working closely with internal stakeholders, security operations teams, and leadership to contain threats, mitigate risks, and enhance response capabilities. You will play a pivotal role in developing proactive security detections, refining incident response playbooks, and leading tabletop exercises to ensure the organization’s readiness against evolving cyber threats.

This role is ideal for a seasoned cybersecurity expert with deep expertise in incident handling, threat research, malware analysis, and forensic investigations across various environments, including on-premises, cloud, and large-scale enterprise networks.

• Incident Management:
  Lead and oversee the identification, containment, eradication, and recovery efforts during cybersecurity incidents.
• Incident Coordination:
  Act as the primary point of contact for all internal and external stakeholders during a cybersecurity incident. Coordinate cross‑functional teams, including IT, legal, communications, and senior management, to ensure a unified response.
• Root Cause Analysis:
  Lead investigations to determine the root cause of security incidents.
• Incident Documentation:
  Ensure detailed and accurate documentation of incidents, including timelines, decisions made, and actions taken.
• Continuous Improvement:
  Develop and enhance incident response procedures, playbooks, and workflows. Regularly review and update incident response protocols to ensure they are aligned with evolving threat landscapes.
• Threat Intelligence Integration:
  Integrate threat intelligence into incident response activities.
• Training and Awareness:
  Organize and lead regular training sessions, tabletop exercises, and simulations to keep the IR team and other relevant stakeholders prepared for real‑world incidents. Conduct assessments of the organization’s incident readiness.
• Collaboration with Other Teams:
  Work closely with the CSOC, Security teams and other business units to ensure seamless and efficient incident response.
• Incident Metrics and Reporting:
  Track key performance indicators (KPIs) for incident response efforts, reporting metrics on the effectiveness and efficiency of incident handling.
• Post-Incident Analysis and Threat Hunting:
  Lead post‑incident reviews to analyze the effectiveness of the response and identify areas for improvement. Engage in proactive threat hunting activities to detect early indicators of compromise and mitigate potential future incidents.

• 7+ years of technical cybersecurity experience in Incident Response, Security Operations, and Threat Intelligence.
• Expertise in at least 7 of the following disciplines: SIEM, cloud security, host forensics, network forensics, malware analysis, intrusion detection, anomaly detection, threat research.
• Advanced knowledge of security incidents and attack techniques, including exploits, vulnerabilities, network intrusions, malware families, and threat actor tactics, techniques, and…