Director of Cloud Security
The Cloud Security Director is a technology and process focused security leader with an emphasis in information security, cloud architecture, cloud infrastructure engineering, cloud incident response and DevSecOps. The Cloud Security Director is responsible for defining and leading the cloud security program by collaborating with product stakeholders to develop solutions to enable the business.
Responsibilities
- Lead the development and execution of cloud architecture initiatives and set forth strong cloud security design principles and processes
- Provide guidance for security remediation to business and IT partners. Speaking the DevOps and product team’s language by demonstrating real, practical risk and value.
- Develop cloud security processes and procedures to meet incident response and participate in security incident response process as cloud SME.
- Research, innovate, and design cloud-first security solutions.
- Partner with DevOps and product leadership to champion secure cloud development practices and build cloud security automation into their pipelines.
- Define SOAR Solutions to solve gaps integrating security into cloud environments.
- Collaborate with senior management and department leaders to assess near- and long-term cloud security needs
- Stay current with the latest cloud threat mitigation tools and techniques
- Mentor members of staff and act as a centre of cloud security engineering excellence
Requirements
- Strong understanding of cloud-based infrastructure components with specific understanding of the security risks presented in a decentralized and hybrid environment.
- 10+ years of experience in information security with demonstrated experience in leading, building, implementing and continuous maturing security programs
- 8+ years of management experience that includes overseeing technical directs reports
- Proven competency in strategic thinking and leadership.
- Ability to create processes from product engineering point of view and partner with leadership to shape the future state of products and cloud strategies
- Real-world experience with the following:
- Security administration in AWS/GCP/Azure
- CI/CD and DevOps Tooling (Git, Jenkins, CircleCI)
- Infrastructure as code tools (Pulumi, Ansible, CloudFormation, Terraform)
- Command Line usage (Bash, Powershell)
- Network & Infrastructure engineering
- Cloud native security related tools (AWS Guard Duty, AWS WAF, GCP Security Center)
- Elastic Stack
- Docker and Kubernetes
- Excellent verbal and written communication skills with a strong attention to detail
- Remains productive while rapidly switching context
- Thirst for knowledge and constantly driven to stay current with evolving threat landscapes
Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.