Cloud Vulnerability Analyst
United States - Georgia - Atlanta
Jul. 27, 2020
Company OverviewWarnerMedia is a leading media and entertainment company that creates and distributes premium and popular content from a diverse array of talented storytellers and journalists to global audiences through its consumer brands including: HBO, HBO Max, Warner Bros., TNT, TBS, truTV, CNN, DC Entertainment, New Line, Cartoon Network, Adult Swim, Turner Classic Movies and others.
Opportunity OverviewThe Team
The Cloud Vulnerability Management team proactively identifies and coordinates remediation of vulnerabilities and security deficiencies within the public cloud (AWS. Azure, GCP) infrastructure of WarnerMedia. This entails responsibility for the cybersecurity of nearly 900 public cloud accounts owned by Warner Brothers, HBO, CNN and other brands.
The Vulnerability Management Analyst is responsible for working with engineers to the identify security deficiencies, security risk, and execution of risk mitigation efforts. The ideal applicant will have some experience with vulnerability assessment and management in a large enterprise and also have an awareness of public cloud infrastructure.
- Managing the security vulnerability lifecycle from detection through notification and closure.
- Proactively identifying security risk in public cloud infrastructure (e.g. public S3 buckets, permissive NACL's, etc.)
- Meets with a variety of stake holders to prioritize and remediate vulnerabilities
- Monitoring and reviewing Cloud vulnerability and compliance scan results as they related to our Host and Cloud plane footprints
- Perform research and analysis of scheduled and on demand cloud vulnerability assessments and post results
- Maintaining core body of knowledge relating to emerging cloud security risks and vulnerabilities.
- Analyze penetration test results and engage with technology partners and business units in order to resolve identified vulnerabilities
- 2+ years of information security experience or experience in a related field or equivalent educational experience
- Strong knowledge of Windows and one of the following operating systems; *NIX, OS X, iOS, etc.
- Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel) and other standard (Customer specified) applications.
- Excellent analytical and problem-solving skills
- Strong interpersonal, oral and written communication skills
- The personality traits, work habits, and social skills necessary to work effectively within a dynamic and highly operational broadcast environment
- Exemplary personal and professional integrity
- Ability to work in a team environment
- Ability to explain and quantify the risk of cloud vulnerabilities to a non-technical audience
- Some exposure to scripting and automation
- Certifications in related areas (e.g. SANS GPEN/GWAPT/GXPN, OSCP, CEH) are a plus
- An awareness of public cloud infrastructure