Sr. Cybersecurity Engineer

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

Who We Are…

When we say, "the stuff dreams are made of," were not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBDs vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating whats next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

Must be able to work a hybrid schedule (3 days onsite) out of our DC, Silver Spring, or Atlanta office.

The WBD Security Engineering team empowers the WBD Global Information and Content Security (GICS) teams by supporting the Security Engineering, Security Architecture, Threat Detection and Response, and other Security teams/functions through the deployment, management, and maintenance of shared, reliable, and extensible security platforms/systems.

The Sr. Cybersecurity Engineer plays a key role in the GICS security engineering team, ensuring that security best practices are followed and that tools and processes that support a secure platform are maintained and kept up to date. The ideal candidate will be responsible for the design, implementation, and management of Splunk infrastructure, ensuring high performance, availability, and scalability. This role will require deep technical expertise in Splunk as well as the ability to work collaboratively with other teams to integrate Splunk into various IT and security systems.

An ideal candidate is expected to:

• Plan, design, engineer and implement security-related technologies
• Identify and communicate opportunities to enhance the security posture of WBD.
• Build and / or manage enterprise security platforms effectively (mainly Splunk and SOAR).

Splunk Focused Responsibilities:

Design and Architecture:

• Lead the design, deployment, and maintenance of Splunk infrastructure across multiple environments
• Develop and implement best practices for scaling and optimizing Splunk deployments.
• Architect complex Splunk solutions tailored to the organizations needs, ensuring data integrity and optimal performance.

Data Ingestion and Management:

• Integrate and ingest data from various sources (applications, network devices, security tools) into Splunk, ensuring data normalization and enrichment.
• Create and manage data models, field extractions, lookups, and accelerations.

Dashboard and Alerting:

• Design, develop, and maintain custom dashboards, reports, and alerts for different stakeholders (IT, Security, Compliance).
• Implement real-time monitoring and alerting solutions to detect and respond to critical incidents.

Security and Compliance:

• Work closely with the Security Operations Center (SOC) to support security monitoring, threat detection, and incident response efforts.
• Ensure Splunk deployments meet compliance requirements and are aligned with industry standards (e.g., PCI, HIPAA, GDPR).

Collaboration and Support:

• Collaborate with cross-functional teams (developers, network engineers, security analysts) to ensure seamless integration of Splunk with other systems.
• Provide mentoring and training to junior Splunk engineers and other IT staff.
• Troubleshoot and resolve complex Splunk-related issues, ensuring minimal downtime and service disruption.

Automation and Scripting:

• Develop scripts and automation tools to streamline Splunk administration, data ingestion, and reporting tasks.
• Utilize Splunks REST API for advanced integrations and custom solutions.

Documentation and Reporting:

• Maintain detailed documentation of Splunk architecture, configurations, processes, and procedures.
• Generate periodic reports on Splunk performance, usage, and incidents for management review.

Role Accountabilities:

• Plan, design, engineer and implement security-related technologies
• Understanding technical security issues, their implications within WBD business units and able to effectively communicate them to management and other business leaders.
• Configure, troubleshoot, and maintain Splunk infrastructure
• Conduct security audits and assessments to regularly determine the effectiveness of security platforms and identify areas of improvement.
• Host and operating systems hardening, auditing, monitoring and logging with appropriate security controls and best practices while meeting security best practices and business goals
• Research and explore emerging security technologies and determine their appropriate use within the company.
• Prepare, document, and create standard operating procedures and protocols.
• Cross-train and mentor other team members as needed.

Qualifications & Experiences:

• A minimum of 5+ years of hands-on experience in building, designing, and maintaining enterprise security tools such as SIEM and SOAR.
• Minimum of 5 years of experience working with Splunk in a large-scale environment.
• Proven experience in designing and managing Splunk Enterprise, and Splunk Cloud
• 5+ years of successfully implementing advanced cyber security technology in a complex environment
• Bachelors degree in computer science, engineering, or other related discipline or 5+ years of previous technical security experience
• Strong knowledge of Splunk SPL (Search Processing Language) and regular expressions
• Experience with cloud platforms (AWS, Azure, GCP) and their integration with Splunk.
• Hands on technical experience with networking and computing system architectures, specifically, the security aspects thereof.
• Hands on technical experience with compliance and regulatory frameworks and how they affect architecture designs and reviews.
• Must have 5+ scripting experience (using Python or other equivalent languages)

Not required but preferred experience:

• Security and Cloud certifications are a plus. (CISSP, etc.)
• Splunk Advance certification (Splunk Cloud Certified Admin, Enterprise Certified Admin, Enterprise Certified Architect, etc.) is a plus.

How We Get Things Done…

This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

Championing Inclusion at WBD

If youre a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.