Warner Media, LLC
Sr. Application Security Engineer (seeking Mobile Development experience for iOS
Warner Media, LLC, Silver Spring, Maryland, United States, 20900
Welcome to Warner Bros. Discovery… the stuff dreams are made of.Who We Are…When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the
storytellers
bringing our characters to life, the
creators
bringing them to your living rooms and the
dreamers
creating what’s next…From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.Your New Role...
As a Sr. Application Security Engineer, you will be an important member of the Warner Bros. Discovery Global Information and Content Security (GICS) team. This is a key role that will be focused on application security for mobile applications - native, native mobile, and hybrid. You will be a valued partner to software development and engineering teams to ensure secure architectures, patterns, and solutions are created and maintained. This person will work closely with WBD’s product teams and will build relationships with engineering groups to support effective security solutions for our products.OperationsMaintain knowledge of current and emerging secure mobile application technologies/products/trendsInstall, configure, and maintain Mobile app security assessment tools for mobile application security assessments (iOS, Android, Roku, etc.).Integrate Mobile app security assessment tools with existing CI/CD pipelines to ensure automated and continuous security testing.Extend Mobile app security assessment to scan AndroidTV, FireTV and tvOS applications for comprehensive security analysis.Develop and maintain scripts and tools for automated uploading of mobile binaries to Mobile app security assessment tools.Automate the generation and export of security assessment reports.Customize and optimize the Mobile app security assessment tools reporting functionality to meet organizational needs.Ensure the accuracy and comprehensiveness of the security assessment reports.Work closely with the development and DevOps teams to integrate Mobile app security assessment tools into the development lifecycle.Collaborate with security analysts to interpret and act on the findings from the Mobile app security assessment tools reports.Monitor and troubleshoot Mobile app security assessment tools - related issues and ensure the platform is running smoothly.Keep Mobile app security assessment tools and related tools up to date with the latest security patches and updates.TechnicalProficiency in setting up and managing Mobile app security assessment tools or similar mobile security assessment tools.Strong scripting skills in Python, Shell, or other relevant languages.Experience with CI/CD tools such as Jenkins, GitLab CI, or CircleCI.Familiarity with mobile application development frameworks (Android and iOS).Experience with integrating security tools for Android TV and tvOS applications.Build, maintain, and utilize security tools for the Application Security programIdentify and define mobile application security requirements and security baselinesActively and continuously share role-specific knowledge with team members and product teamsStay up to date with the latest application security threats, vulnerabilities, and exploits.Ideal Qualifications & ExperienceBachelor’s degree in IT, Computer Science, or Information SecurityProven experience in mobile application security testing and automationKnowledge of security best practices and common mobile application vulnerabilitiesHands-on experience with containerization technologies (Docker, Kubernetes) is a plusProven experience building tools and automation to support an Application Security teamStrong understanding of software development methodologies and secure coding practicesStrong understanding of the SDLC and CI/CD pipelinesExperience developing iOS and Android mobile applicationsExperience reading and comprehending code, discerning business logic, and identifying security flaws in mobile-relevant languages, such as Swift, Objective-C, Kotlin, Java, JavaScript, and TypeScript.Understanding of common mobile application authentication and encryption methods, including OAuth and PKIUnderstanding of protocol and network analysis using mitmproxy and WiresharkUnderstanding of platform-specific security features and best practices, such as Apple's App Transport Security, Android's Network Security Configuration, and Samsung Knox.Familiarity with platform-specific development environments, SDKs, and tools, such as Xcode for iOS, Android Studio for Android, and Samsung's Tizen Studio.Hands-on experience working with DevOps and Agile-driven product teamsStrong understanding of application security standards and practices, such as the OWASP Mobile Application Security Verification Standard (MASVS) and Mobile Security Testing Guide (MSTG)Excellent written and verbal communication skillsThe Nice to HavesKnowledge of cloud architecture and security principlesISC2 CSSLP, GIAC (GMOB, GWEB, GCSA), or other Security Certifications.How We Get Things Done…This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/
along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.Championing Inclusion at WBDWarner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.
If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.In compliance with local law, we are disclosing the compensation, or a range thereof, for roles in locations where legally required. Actual salaries will vary based on several factors, including but not limited to external market data, internal equity, location, skill set, experience, and/or performance. Base pay is just one component of Warner Bros. Discovery’s total compensation package for employees. Pay Range: $86,030.00 - $159,770.00 salary per year. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Warner Bros. Discovery provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and sick time and vacation.
storytellers
bringing our characters to life, the
creators
bringing them to your living rooms and the
dreamers
creating what’s next…From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.Your New Role...
As a Sr. Application Security Engineer, you will be an important member of the Warner Bros. Discovery Global Information and Content Security (GICS) team. This is a key role that will be focused on application security for mobile applications - native, native mobile, and hybrid. You will be a valued partner to software development and engineering teams to ensure secure architectures, patterns, and solutions are created and maintained. This person will work closely with WBD’s product teams and will build relationships with engineering groups to support effective security solutions for our products.OperationsMaintain knowledge of current and emerging secure mobile application technologies/products/trendsInstall, configure, and maintain Mobile app security assessment tools for mobile application security assessments (iOS, Android, Roku, etc.).Integrate Mobile app security assessment tools with existing CI/CD pipelines to ensure automated and continuous security testing.Extend Mobile app security assessment to scan AndroidTV, FireTV and tvOS applications for comprehensive security analysis.Develop and maintain scripts and tools for automated uploading of mobile binaries to Mobile app security assessment tools.Automate the generation and export of security assessment reports.Customize and optimize the Mobile app security assessment tools reporting functionality to meet organizational needs.Ensure the accuracy and comprehensiveness of the security assessment reports.Work closely with the development and DevOps teams to integrate Mobile app security assessment tools into the development lifecycle.Collaborate with security analysts to interpret and act on the findings from the Mobile app security assessment tools reports.Monitor and troubleshoot Mobile app security assessment tools - related issues and ensure the platform is running smoothly.Keep Mobile app security assessment tools and related tools up to date with the latest security patches and updates.TechnicalProficiency in setting up and managing Mobile app security assessment tools or similar mobile security assessment tools.Strong scripting skills in Python, Shell, or other relevant languages.Experience with CI/CD tools such as Jenkins, GitLab CI, or CircleCI.Familiarity with mobile application development frameworks (Android and iOS).Experience with integrating security tools for Android TV and tvOS applications.Build, maintain, and utilize security tools for the Application Security programIdentify and define mobile application security requirements and security baselinesActively and continuously share role-specific knowledge with team members and product teamsStay up to date with the latest application security threats, vulnerabilities, and exploits.Ideal Qualifications & ExperienceBachelor’s degree in IT, Computer Science, or Information SecurityProven experience in mobile application security testing and automationKnowledge of security best practices and common mobile application vulnerabilitiesHands-on experience with containerization technologies (Docker, Kubernetes) is a plusProven experience building tools and automation to support an Application Security teamStrong understanding of software development methodologies and secure coding practicesStrong understanding of the SDLC and CI/CD pipelinesExperience developing iOS and Android mobile applicationsExperience reading and comprehending code, discerning business logic, and identifying security flaws in mobile-relevant languages, such as Swift, Objective-C, Kotlin, Java, JavaScript, and TypeScript.Understanding of common mobile application authentication and encryption methods, including OAuth and PKIUnderstanding of protocol and network analysis using mitmproxy and WiresharkUnderstanding of platform-specific security features and best practices, such as Apple's App Transport Security, Android's Network Security Configuration, and Samsung Knox.Familiarity with platform-specific development environments, SDKs, and tools, such as Xcode for iOS, Android Studio for Android, and Samsung's Tizen Studio.Hands-on experience working with DevOps and Agile-driven product teamsStrong understanding of application security standards and practices, such as the OWASP Mobile Application Security Verification Standard (MASVS) and Mobile Security Testing Guide (MSTG)Excellent written and verbal communication skillsThe Nice to HavesKnowledge of cloud architecture and security principlesISC2 CSSLP, GIAC (GMOB, GWEB, GCSA), or other Security Certifications.How We Get Things Done…This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/
along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.Championing Inclusion at WBDWarner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.
If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.In compliance with local law, we are disclosing the compensation, or a range thereof, for roles in locations where legally required. Actual salaries will vary based on several factors, including but not limited to external market data, internal equity, location, skill set, experience, and/or performance. Base pay is just one component of Warner Bros. Discovery’s total compensation package for employees. Pay Range: $86,030.00 - $159,770.00 salary per year. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Warner Bros. Discovery provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and sick time and vacation.