Discovery is a global leader in the media sector, serving passionate fans around the world with content that inspires, informs and entertains.
Discovery delivers over 8,000 hours of original programming each year across deeply loved content genres.
The world is changing all around us. To continue to grow as a business over the next years we must look ahead, understand the changing trends and be prepared for that what’s to come.
We must get ready for tomorrow today. Join us to be part of the adventure. Discovery inspires people to be the best they can.
Currently in Poland we are looking for passionate people with various backgrounds to join our team in the fields of FP&A Centre of Excellence, Global Business Services, HR Services and Media Business.
Sr Director Cyber Security Incident Response will be in charge of hands on technical security and incident response activities.
The candidate will manage the incident response, and security operations teams by way of mentoring, capacity management, performance management, and incident review.
The candidate will partner with other security leaders and the larger information security program to assist in incident investigation, collaboration, and communication.
The candidate will lead a team of security analysts and third party SOC resources in investigating information security incidents of varying scope and priority and own the incident response process from start to finish.
The candidate will understand the operational security controls needed to detect, remediate, and prevent compromises whether in the data center or in a multi-cloud environment.
The candidate will have hands-on technical skills, strong leadership abilities, and an eagerness to build a world-class organization.
Oversee and lead the security operations team in identification and response to cyber threat activities and incident response.
Oversee and prioritize actions during the detection, analysis, and containment of an incident in both on premises and cloud environments.
Develop and communicate to peers, business partners, and management, aspects of cyber defence, including crisis / incident communications, investigative results and training and awareness of the cyber threat landscape
Provide leadership with weekly, monthly and quarterly metrics for incident trends, major activities and improvements plans.
Manage and maintain relationships with managed security services providers and vendors to ensure optimal effectiveness and capability of the SOC and IR functions
Serve as a central point of communication and provide appropriate incident briefings to executive staff and other stakeholders as needed
Drive continual improvement and efficiency of the SOC and IR functions through post incident reviews, tabletop exercises and threat hunting.
Supervise staff, provide feedback and coaching and create a team culture of excellence and achievement.
One or more of the following certifications required :
o GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred but 5-8 years of experience and demonstrated knowledge accepted
BS degree in computer science or computer engineering preferred; will consider applicants with equivalent work-related experience with a minimum educational requirement of a high school diploma or GED equivalent
Proven expertise in all aspects of the incident response lifecycle.
4+ years of managing highly effective teams in critical functions.
Strong customer service, communication, and presentation skills required
Capable of directing technical teams towards methodical and expedient containment of security incidents in high stress and visibility environment.
Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
Good understanding of the threats faced by direct to consumer and digital platform organizations.
Hands on technical experience with cloud infrastructure and concepts, specifically the security aspects thereof.
Hands on technical experience with application security topics such as the OWASP top 10.
Hands on technical experience with SIEM & logging tools (Splunk, Kibana, Qradar) and the ability to extract actionable intelligence from large volume aggregated log storage.
Hands on technical experience with SOAR Platforms and the concepts of runbooks and automation.