Sr. Information Security Engineering Specialist

Sr. Information Security Engineering Specialist

As a Senior Information Security Engineering Specialist, you will be a vital member of the Warner Bros. Discovery Global Information and Content Security (GICS) team. This role focuses on adoption, deployment, fine-tuning, and development of tools, services, and processes that enable robust security controls within the Product Security lifecycle. You will collaborate with Development and Dev Ops teams to define security processes and integrations that support existing workflows and pipelines, and engage with the Application Security team to ensure an efficient Product Security Pipeline.

Must work a hybrid schedule (3 days onsite) out of our Burbank office.

• Support the expansion of Product Security programs by contributing to security architecture engagement strategies, scalable product threat modeling, and the implementation of product security technical initiatives
• Assist in developing and delivering security roadmap plans, ensuring initiatives are completed successfully and on time with high quality
• Help establish and enforce security standards, policies, and best practices for product development teams, ensuring compliance with industry regulations and customer expectations (PCI, GDPR, CCPA, etc.)
• Collaborate with product, engineering, and business stakeholders to identify and prioritize security risks and requirements, providing guidance on security architecture, design, testing, and remediation
• Contribute to the development and implementation of security metrics and dashboards to measure and report on security posture and performance of products and platforms
• Stay informed about emerging security threats, trends, and technologies, and contribute to discussions on security solutions and practices
• Support the adoption and integration of Dev Sec Ops  principles and practices into the product development process, including CI/CD, automation, and collaboration
• Be familiar with common vulnerabilities and attack vectors in consumer-facing digital services and leverage cloud security best practices and tools to secure products and platforms on AWS, GCP, and Azure, using automation and CI/CD pipelines
• Manage relationships effectively, advocating for business and external customers by engaging in security-related requirements conversations
• Utilize experience with security testing tools for product and application security testing, including SAST, DAST, threat modeling, and product penetration testing

• Hybrid work environment; must be based in the Warner Bros. Discovery office for a minimum of three (3) days/week
• Bachelor’s degree in computer science, engineering, or related field, or equivalent work experience
• 5+ years of experience in information security, with at least 3 years in product security, application security, or cloud security
• Understanding of consumer behavior and expectations regarding digital services and balancing security with user experience
• Proven track record of leading security projects in fast-paced, agile environments
• Extensive experience in secure code reviews, business logic assessments, and application security testing with deep understanding of network, data, and cloud security principles
• Expert knowledge of security principles, standards, and best practices (e.g., OWASP, NIST, ISO)
• Experience deploying cybersecurity solutions in public cloud environments (IaaS, PaaS, SaaS)
• Strong technical skills with security tools and technologies (web application firewalls, vulnerability scanners, penetration testing tools, encryption, authentication, etc.)
• Excellent communication and presentation skills for technical and non-technical audiences
• Experience in the media and entertainment industry or direct-to-consumer products is a plus
• Experience in implementing and leading Dev Sec Ops  initiatives, frameworks, and tools (e.g., GHAS, Burp Suite, Nmap, Metasploit) used for SCA, SAST, DAST
• Experience with Agile/Scrum and integrating security into the SDLC (CI/CD) with product owners
• Experience securing cloud environments on AWS, GCP, and Azure using automation and CI/CD pipelines
• Certifications such as CISSP, CEH, GPEN, or OSCP are highly desired

Our guiding principles are the core values by which we operate. See them at  and be prepared to discuss them during your interview.

Warner Bros. Discovery is an equal opportunity employer. We consider qualified candidates on the basis of merit without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, disability, or any other protected status by law. If you require adjustments or accommodations during the application process, please visit our accessibility page for instructions.