Figma was founded in 2012 to build a collaborative, professional-grade interface design tool for the digital age. Created specifically for interface design and built entirely in th
Manager, Security Operations
Location
United States
Posted
2 days ago
Salary
$185K - $296K / year
Seniority
Lead
Job Description
Manager, Security Operations
Figma
Role Description
Figma's Security team is growing, and we're looking for a Security Operations Manager to lead the strategy and execution of our security operations program. In this role, you'll build and scale the systems, processes, and tooling that help protect Figma and our community. You'll partner closely with Security Engineering, Platform Security, IT, GRC, and Legal to strengthen our detection and response capabilities, improve operational resilience, and help shape the future of our DART and SOC functions.
This is a full-time role that can be held from one of our US hubs or remotely in the United States.
What you'll do at Figma:
- Own Figma's security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement.
- Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling.
- Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity.
- Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments.
- Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps.
- Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs.
- Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents.
- Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction.
Qualifications
- 7+ years of experience in security operations, incident response, or a related security engineering function.
- Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms.
- Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment.
- Demonstrated success building, scaling, or significantly improving a detection and response program.
- Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events.
Requirements
While it's not required, it's an added plus if you also have:
- Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements.
- Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001.
- Utilized AI-powered tools to automate security operations workflows and improve team efficiency.
Benefits
Figma offers equity to employees, as well as a competitive package of additional benefits, including:
- Health, dental & vision.
- Retirement with company contribution.
- Parental leave & reproductive or family planning support.
- Mental health & wellness benefits.
- Generous PTO.
- Company recharge days.
- Learning & development stipend.
- Work from home stipend.
- Cell phone reimbursement.
- Sales incentive pay for most sales roles.
- Annual bonus plan for eligible non-sales roles.
More Security Operations Jobs
Security Operations Analyst
Huntress
Managed endpoint protection, detection and response for the 99% who need it most.
• Triage, investigate, and respond to alerts coming in from the Huntress platform.
• Perform tactical review of EDR telemetry, log sources, and forensic artifacts to determine the root cause of attacks, where possible, and provide remediations needed to remove the threat.
• Perform tactical malware analysis as part of investigating and triaging alerts.
• Investigate suspicious Microsoft M365 activity and provide remediations.
• Assist in escalations from the Product Support team for threat-related and SOC-relevant questions.
• Contribute to detection engineering creation and tuning efforts.
• Contribute to projects focused on driving better outcomes for our analysts and partners.
• Contribute to our collaboratively mentored team (we're all here to make each other better!).
Security Operations Lead
Digital Science
Advancing the research ecosystem. Together, we make open, collaborative and inclusive research possible.
• Work with various stakeholders from across the group, to ensure security operations practices, policies, and systems are robust, pragmatic and aligned with strategic objectives.
• Define, build, and maintain a comprehensive security operations architecture that addresses current and emerging threats.
• Manage delivery of cyber security projects and co-ordinate business security initiatives to support the organisation’s security posture and strategic goals.
• Provide expert consultancy to technology teams on both reactive (day-to-day issues) and proactive (strategic) security matters.
• Maintain Security Operations documentation, records and evidence to support security assessments, audits, and compliance with legal, regulatory and customer requirements.
• Oversee and enforce adherence to technical security policies, standards, best practices, and customer requirements.
• Lead the monitoring, detection, and investigation of security events & alerts; maintain and improve security control automation, logging, alerting, vulnerability scanning and threat detection capabilities.
• Own incident response procedures; coordinate incident handling, ensure relevant stakeholders and third parties are engaged, lead follow-up actions until resolution.
• Manage and oversee security testing: internal automated technical controls capture and scans, third-party assessments, penetration tests, ensuring findings are tracked and remediated.
• Ensure security controls and processes are integrated across systems, applications, and cloud infrastructure.
• Develop KPIs, SLAs, dashboards to measure and report performance, including response times, false positives, remediation progress etc.
• Stay up-to-date with regulatory/compliance frameworks (e.g. EU Cyber Resilience Act, EU AI Act, ISO 27001, GDPR, PCI-DSS, NIST, NCSC), threat landscape changes and emerging technologies.
• Work across the organisation and beyond to promote best practice across Digital Science, making recommendations for improvements to cyber security practices in line with industry standards and learnings from security incidents.
• Prepare cyber security responses and evidence for internal and external parties.
• Take an active role in information security forums, councils and communities within and outside of the organisation.
Junior SOC Analyst – SIEM
Kapres Technology
We are a diverse team, but with a single focus and very consistent values.
• Work at KAPRES as a Junior SOC Analyst
• Complete 2 months of training with our Kapres SOC (unpaid)
Senior Security Operations Analyst
Warner Bros. Discovery
Warner Bros. Discovery (WBD) is a prominent global media and entertainment conglomerate, renowned for its expansive television, film, streaming, and gaming port
Title: Sr. Security Operations Analyst
Location: GA Atlanta 1050 Techwood Drive NW
Remote type: Hybrid
Time type: Full time
Job requisition id: R000105840
Welcome to Warner Bros. Discovery… the stuff dreams are made of.
Who We Are…
When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next… From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.
*Must work a hybrid schedule (3 days onsite) out of our Atlanta office.*
Overview
The Senior Cybersecurity Analyst – CSOC is a Senior level non-management role that reports directly to the CSOC Manager. They will be responsible for guiding a hybrid team of security analysts tasked to detect, triage, analyze, respond, and report cybersecurity incidents in addition to performing advanced analysis and assisting with incident response. A successful candidate will be able to use experience, knowledge, and critical thinking to perform CSOC duties that deviate from daily norms with minimal guidance and mentor more junior analysts on the solution. As a Senior Analyst, this individual must be highly organized, detail oriented, and able to manage multiple investigations, projects, and deliverables at once.
Role & Responsibilities:
Security Operations –
- In-depth security event analysis
- Facilitate and oversee the execution of day-to-day directions given by CSOC Manager
- Enhancing detection and alert maturity
- Enhancing technical and administrative processes and procedures.
- Providing blue team subject matter expertise to advise CSOC Leadership and mentor Analysts.
- Document and communicate findings and after-action reports to the entire security team.
- Review investigations and perform QA/QC.
- Drive alert logic refinement through tuning and whitelisting
- Train and Mentor Associate and Mid-level Analysts
- Performing Tier 3 On Call rotations to include Weekends or Nights
Support IR Investigations –
- Incident coordination by assignment of Work Streams and creation of reports
- Serve as the technical escalation point for the CSOC team.
- Provide ad-hoc training to team members
Project Work –
- Perform CSOC maturity projects under the guidance of Cyber Operations Leadership
- Partner with Security Engineering teams to enhance features and capabilities within current security tooling.
- Create and update written policies and procedures.
Qualifications & Experiences:
- 5-7 years of relevant experience or equivalent demonstrable knowledge & skill set.
- Ability to think critically to solve problems with minimal guidance.
- Ability to perform comprehensive Incident, root cause analysis and write technical reports.
- The ability to conduct investigations on multiple operating systems such as Linux, iOS, and Windows.
- Experience performing manual log analysis from a variety of host-based and network-based sources.
- The ability to conduct security investigations without the assistance of pre-extracted data or pre-established queries across multiple platforms such as Splunk, OS CLI/Terminal, Sentinel One, etc.
- Experience using modern CSOC/Fusion Center enterprise security suite.
- Familiarity with Digital Forensics and Incident Response (DFIR) concepts.
- Experience participating in CIRT/CSIRT investigations.
- Knowledge of exploits, vulnerabilities, malware families and common attack vectors.
- Scripting (Python, PowerShell, bash), regex experience is a plus.
- Experience with firewalls, intrusion detection/prevention systems.
- Effective in collaborating with teams in remote offices and multiple cultures across the globe.
- Intermediate or higher Security Certifications are a plus - CYSA+, CISSP, CFR, CHFI, GCIH, GCFA, or GNFA, PenTest+, OSCP, etc.
- Ability to tailor complicated Security and Technical information to the comprehension levels of intended audiences, whether that be non-technical Senior Executives or highly technical Subject Matter Experts.
How We Get Things Done…
This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.
Championing Inclusion at WBD
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law. If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.



