This website uses cookies to ensure you get the best experience. Learn more

Senior InfoSec Incident Responder

Discovery is a global leader in the media sector, serving passionate fans around the world with content that inspires, informs and entertains. Discovery delivers over 8,000 hours of original programming each year across deeply loved content genres.

The world is changing all around us. To continue to grow as a business over the next years we must look ahead, understand the changing trends and be prepared for that what's to come. We must get ready for tomorrow today. Join us to be part of the adventure. Discovery inspires people to be the best they can.

Currently in Poland we are looking for passionate people with various backgrounds to join our team in the fields of FP&A Centre of Excellence, Global Business Services, HR Services and Media Business.

The Role

IT security incident response engineer will report to Sr Director of Incident Response. As a security incident responder, candidates will be an elite members of a customer facing security support team leading incident response investigations for Discovery's customers. Candidates must have experience in analyzing, triaging, scoping, containing, providing guidance for remediation, and determining the root cause of security incidents. Familiar with collecting and analyzing security incident related data to identify indicators of attack and compromise. Candidates must have a passion for learning new technologies, collaborating with other experts to find solutions, having complete customer obsession and continuously optimizing and improving the customer support experience. Candidates will enjoy working on challenging issues that require in depth investigation and attention to detail.

  • Respond to cyber incidents, as escalated by the SOC and TOC.
  • Act as escalation and incident handler for potential incidents identified by SOC analysts.
  • Evolve SOC run-books and SOPs through constant feedback and iterative improvement.
  • Collaborate effectively with business SMEs to contain and resolve security incidents.
  • Conduct investigations on infrastructure though forensic analysis to identify Indicators of Compromise (IOCs).
  • Establish priority and urgency on a wide range of potential incidents and react accordingly
  • Assist with post-incident activities
  • Maintain incident reporting and communication strategy with senior infosec and business leadership

Preferred Qualifications
  • One or more of the following certifications required:
    • GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred but 3-5 years of experience and demonstrated knowledge accepted
  • Strong time management and organizational skills required
  • Strong customer service, communication, and presentation skills required
  • BS degree in computer science or computer engineering preferred; will consider applicants with equivalent work-related experience with a minimum educational requirement of a high school diploma or GED equivalent
  • High degree of familiarity with all aspects of the incident response lifecycle.
  • 3+ years of progressive experience with increasing responsibilities within a Security Operations environment
  • Good understanding of the threats faced by direct to consumer and digital platform organizations.
  • Hands on technical experience with cloud infrastructure and concepts, specifically the security aspects thereof.
  • Hands on technical experience with application security topics such as the OWASP top 10.
  • Hands on technical experience with SIEM & logging tools (Splunk, Kibana, Qradar) and the ability to extract actionable intelligence from large volume aggregated log storage.
  • Hands on technical experience with SOAR Platforms and the concepts of runbooks and automation.
  • Working knowledge of network TCP/IP protocols.
  • Working knowledge of network security systems such as next gen firewalls, SSO brokers and software defined network infrastructure.
  • Hands on technical experience with open source and proprietary threat intel tools such as shodan, virustotal etc. and how they fit into intelligence gathering.

Apply Now

Share this