25 days old

Application Security Engineer

Discovery Inc
Sterling, VA 20164
  • Job Code
Discovery Inc

Location: Sterling, Virginia, United States, Req ID: 860

Discovery hires the very best and brightest talent who are enthusiastic and passionate to fulfill the company's mission of empowering people to explore their world and satisfy their curiosity.

In exchange for their talent and drive, employees are provided with an engaging, diverse workplace and the resources they need to learn, thrive and grow in their careers.


As Discovery's portfolio continues to grow - around the world and across platforms - the Product Security team is building the people, technology and process to partner withDiscovery's direct-to-consumer, media technology, and IT systems to meet the world-class standard for which Discovery is known.

Within the broader Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery. The Information Security Team at Discovery is a growing group of cybersecurity professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.

The Role

As an Application Security Engineer, you will work on a cross-functional Product Security team supporting Discovery's Information Security and Direct-to-Consumer (DTC) organizations. This is a key role within the Information Security organization that will be focused on application security for our streaming media service and other supporting applications. The Application Security Engineer will be a valued partner to development and engineering teams to ensure secure architectures, patterns, and solutions are created and maintained. This person will work closely with Discovery's DTC product teams and will build a community of practice with developers within DTC to support effective communication and collaboration. This person will be the subject matter expert for secure code development and will work with various application engineering teams to develop alternatives for remediation of vulnerabilities.

If you:
  • are passionate about web and mobile application security
  • want to work in an international, face-paced company
  • want to learn how to secure consumer-facing applications
  • would like to be a part of an experienced team of practitioners opened to sharing their knowledge
  • want to learn how to implement security into SDLC (CI\CD)
  • want to have a visible impact on the security of a large suite of products

Join us!

Key Areas of Responsibility

  • Be creative and solve problems with solutions that can scale
  • Run, maintain, and utilize security tools for the Appsec program
  • Review and contribute to application designs and solutions
  • Collaborate with development teams to ensure secure coding best practices are followed
  • Assist with code reviews
  • Perform security and risk assessments for consumer-facing applications and services
  • Identify and define application security requirements and security baselines
  • Work collaboratively and proactively across the organization with Product Teams on Application Security initiatives
  • Communicate Findings/Remediation Guidance/Security Design Patterns to development teams
  • Maintain knowledge of current and emerging secure application technologies/products/trends
  • Actively and continuously share role-specific knowledge with team members and product teams

Required Qualifications

  • 3+ years of experience with application security/penetration testing work
  • Thorough understanding of common security risks in web/mobile applications and web APIs
  • Experience building and deploying solutions with modern programming languages in a cloud environment
  • Experience in code reviews, business logic assessments, and application security testing
  • Solid understanding of security protocols, cryptography, authentication, authorization
  • Experience with application security tools like Burp Suite and ZAP
  • Experience with testing methods such as SAST/DAST/IAST
  • Experience in secure coding and software development in various languages (Java, Go, JavaScript, Python, etc.)
  • Experience working with Agile development/Scrum teams
  • Experience incorporating security requirements into a SDLC
  • Experience working in CI Systems such as Jenkins
  • Knowledge of practical threat modeling for consumer applications
  • Broad knowledge of IT Security technologies, processes, and techniques and a strong understanding of application security practices.
  • Must have the legal right to work in the United States

Preferred Qualifications

  • Bachelor's degree in IT, Computer Science, or Information Security preferred.
  • Knowledge of cloud security principles
  • GPEN, GXPN, GMOB, CSSLP, or other similar Security Certifications

Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including but not limited to all local Fair Chance Ordinances.

EEO is the Law
Pay Transparency Policy Statement
California Job Applicant Privacy Policy

If you are an individual with a disability and need an accommodation during the application process, please send an email request to HR@discovery.com.

Posted: 2020-11-05 Expires: 2020-12-06

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Application Security Engineer

Discovery Inc
Sterling, VA 20164

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast