17 days old

Director, Vulnerability Management

Discovery Inc
Sterling, VA 20166
  • Job Code
Discovery Inc

Location: Sterling, VA, United States, 20166-4346
Req ID: 2230

Discovery hires the very best and brightest talent who are enthusiastic and passionate to fulfill the company's mission of empowering people to explore their world and satisfy their curiosity.

In exchange for their talent and drive, employees are provided with an engaging, diverse workplace and the resources they need to learn, thrive and grow in their careers.

Job Summary

Our Team
As the Discovery portfolio continues to grow - around the world and across platforms - the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery's products, while articulating the long-term technology strategy that will enable Discovery's growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.

Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for this critical function. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals, using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport, TVN, and more. From the US to Singapore, Poland, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.

The Role
The Director of vulnerability management will have the responsibility of defining and driving the Infosec vulnerability management program, consisting of infrastructure, application, cloud and container vulnerability practices. This candidate will be considered a technical expert, deeply process orientated and a leader. The ideal candidate will expertly define the strategy and technical implementation of ensuring maximum SLA compliance in the remediation of vulnerabilities across the enterprise. The candidate will have a strong background in building vulnerability management programs, technical implementation of vulnerability remediations in cloud and on-premise environments as well as infosec leadership.


Build relationships with technology owners to ensure full visibility and understanding of open security vulnerabilities and drive remediation efforts within SLA.
Maintain and provide a detailed register of all open vulnerabilities, exceptions and remediation actions to ensure constant improvement of the Discovery risk surface.
Manage and lead a team of expert vulnerability analysts to ensure focused delivery of remediation and risk reduction.
Understand and communicate Discovery patching policies, standards, and procedures to business teams and ensure compliance.
Establish clear priorities for the vulnerability management team and execute strategies for successful fulfillment of remediations based on risk, benefits, and alignment with organizational strategies and objectives
Understand and communicate technical risks involved in infrastructure, cloud, application and serverless vulnerabilities.

Preferred Qualifications


Bachelor's Degree in Computer Science, Engineering, or other related discipline or 8+ years of previous technical experience, specifically Infosec governance, vulnerability management, technical leadership and process management.

Security certifications are a plus. (CISSP, CISM, CISA, SANS, Security+, etc.)

3+ years demonstrated experience building and managing vulnerability management programs from vulnerability discovery processes to remediation and validation.
Results orientated and able to mobilize a large geographically diverse group of engineers, application developers and IT support teams towards patching and remediation of vulnerabilities.
Hands on technical experience with risk, specifically the ability to derive residual and acceptable risk from competing priorities with regard to security and business impact.
Hands on technical experience with vulnerability management platforms (Rapid 7, Tenable, Qualys).
Hands on technical experience with cloud native security compliance tools (AWS inspector, Google CSCC).
Hands on technical experience with cloud infrastructure and the vulnerabilities that may exist in bleeding edge cloud native infrastructure (VPC, ECS, RDS) and the remediation steps involved.
Hands on technical experience with application security scanning tools (SAST, DAST, RASP)
Knowledge of the latest OWASP Top 10 and SANS Top 25 vulnerabilities and the corresponding mitigation techniques.
Hands on technical experience with data analysis and reporting with data analytics tools (Splunk, Kibana)
Strong customer service, communication, and presentation skills required.

Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including but not limited to all local Fair Chance Ordinances.

EEO is the Law
Pay Transparency Policy Statement
California Job Applicant Privacy Policy

If you are an individual with a disability and need an accommodation during the application process, please send an email request to HR@discovery.com.



Posted: 2021-06-01 Expires: 2021-07-02
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Director, Vulnerability Management

Discovery Inc
Sterling, VA 20166

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast