Sr Application Security Engineer at Discovery Direct-to-Consumer

Sorry, this job was removed at 10:00 a.m. (PST) on Thursday, February 25, 2021
Find out who's hiring in Seattle.
See all Developer + Engineer jobs in Seattle
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

As Discovery's portfolio continues to grow – around the world and across platforms – the Product Security team is building the people, technology and process to partner with Discovery’s direct-to-consumer, media technology, and IT systems to meet the world-class standard for which Discovery is known. 
 
Within the broader Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery. The Information Security Team at Discovery is a growing group of cybersecurity professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more.  From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.

The Role

The Application Security Engineer to work closely with Discovery’s Information Security and Direct-to-Consumer (DTC) teams on initiatives to protect data, services, and technology assets and to design, deploy appropriate, risk-based application security safeguards and technical application security controls.

 

This is a key role within the Information Security organization that will be focused on application security for our streaming media service and other supporting applications. The Application Security Engineer will be a valued partner to development and engineering teams to ensure secure architectures, patterns, and solutions are created and maintained. This person will work closely with Discovery’s DTC application teams and will build a community of practice with developers within DTC to support effective communication and collaboration. This person will be the subject matter expert for secure code development and will work with various application engineering teams to develop alternatives for remediation of vulnerabilities.

 

If you:

  • are passionate about web and mobile application security
  • want to work in an international, face-paced company
  • want to learn how to secure consumer-facing applications
  • would like to be a part of an experienced team of practitioners opened to sharing their knowledge
  • want to learn how to implement security into SDLC (CI\CD)
  • want to have a visible impact on the security of a large suite of products

 

Join us!

Key Areas of Responsibility

  • Be creative and solve problems with solutions that can scale
  • Run, maintain, and utilize security tools for the Appsec program
  • Own Application Security engagements with Product Teams across their SDLC
  • Lead security code reviews and contribute to application designs and solutions
  • Collaborate with development teams to ensure secure coding best practices are followed
  • Perform security and risk assessments for consumer-facing applications and services
  • Identify and define application security requirements and security baselines 
  • Work collaboratively and proactively across the organization with Product Teams on Application Security initiatives
  • Communicate Findings/Remediation Guidance/Security Design Patterns to development teams
  • Maintain knowledge of current and emerging secure application technologies/products/trends
  • Actively and continuously present/train role-specific knowledge with team members and product teams

Required Qualifications

  • 6+ years of experience with application security/penetration testing work
  • Subject matter expert on common security risks in web/mobile applications and web APIs
  • Solid understanding of security protocols, cryptography, authentication, authorization
  • Extensive hands-on experience with;
    • code reviews, business logic assessments, and application security testing
    • application security tools like Burp Suite, ZAP, or MobSF
    • practical threat modeling for consumer applications
    • testing methods such as SAST/DAST/IAST
    • CI Systems such as Jenkins
  • Experience in;
    • secure coding and software development in various languages (Java, Go, JavaScript, Python, etc.)
    • working with Agile development/Scrum teams
    • incorporating security requirements into a SDLC 
    • building and deploying solutions with modern programming languages in a cloud environment
    • building mobile applications
  • Understanding of DevOps practices
  • Broad knowledge of IT Security technologies, processes, and techniques and a strong understanding of application security practices.
  • Must have the legal right to work in the United States
     

Preferred Qualifications

  • Bachelor’s degree in IT, Computer Science, or Information Security preferred.
  • Knowledge of cloud security principles
  • Knowledge of GitHub’s Security features
  • GPEN, GXPN, GMOB, CSSLP, or other similar Security Certifications

Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including but not limited to all local Fair Chance Ordinances.

Read Full Job Description
Apply now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
    • GolangLanguages
    • PHPLanguages
    • PythonLanguages
    • RubyLanguages
    • ReactLibraries
    • ReduxLibraries
    • AngularJSFrameworks
    • Node.jsFrameworks
    • MongoDBDatabases
    • MySQLDatabases

Location

Located right in Downtown, with countless eateries and shops nearby, and a couple blocks away from the lush Downtown Park
Inside Look at Discovery Digital's Engineering Team
Watch

What are Discovery Direct-to-Consumer Perks + Benefits

Culture
Volunteer in local community
Annual Impact Day where the office volunteers together. Opportunities to volunteer through People Portal. New Hires are given $25 to donate to cause of their choice. Discovery offers matching programs
Partners with Nonprofits
RISE, Turn Up Fight Hunger, Adopt a Family, Oceana, Discovery Project CAT, Give a Little TLC, Inspire a Difference, Building a Difference, Talent Unlimited.
Friends outside of work
Eat lunch together
Intracompany committees
Discovery Women's Network, ableDisability, Multicultural Alliance, Discovery PriDe, Parents at Discovery, Discovery GreenD, Generation D, Discovery Veteran's Association.
Daily stand up
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Diversity
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Unconscious bias training
Someone's primary function is managing the company’s diversity and inclusion initiatives
Diversity Employee Resource Groups
Discovery Women's Network, ableDisability, Multicultural Alliance, Discovery PriDe, Generation D, Discovery Veteran's Association.
Hiring Practices that Promote Diversity
Diverse slate required for leadership roles.
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Team workouts
Mental Health Benefits
Retirement & Stock Options Benefits
401(K)
401(K) Matching
Company Equity
Employee Stock Purchase Plan
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Generous Parental Leave
Flexible Work Schedule
Remote Work Program
Family Medical Leave
Adoption Assistance
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Happy Hours
Parking
Relocation Assistance
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Continuing Education stipend
Online course subscriptions available
Paid industry certifications
More Jobs at Discovery Direct-to-Consumer36 open jobs
All Jobs
Data + Analytics
Design + UX
Dev + Engineer
HR + Recruiting
Product
Project Mgmt
Content
Project Mgmt
new
Bellevue
Project Mgmt
new
Bellevue
Project Mgmt
new
Bellevue
Data + Analytics
new
Bellevue
Product
new
Bellevue
Developer
new
Bellevue
Product
new
Bellevue
HR + Recruiting
new
Bellevue
Project Mgmt
new
Bellevue
Product
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Design + UX
new
Bellevue
Product
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Content
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Product
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue
Product
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Data + Analytics
new
Bellevue
Developer
new
Bellevue
Developer
new
Bellevue