Sr. Cloud Security Engineer

Warner Bros Discovery · Media · Hyderabad, Telangāna, India · Technology

Seeking a Sr. Cloud Security Engineer to design, deploy, and maintain security measures for cloud infrastructures (AWS, GCP, Azure), focusing on containerized applications (Kubernetes, microservices). Responsibilities include developing security policies, automating operations with Python, conducting security assessments, and investigating innovative solutions including AI/ML for threat detection. Requires a Bachelor's degree and min 3 years of experience.

What you'd actually do

Design, deploy, and maintain security measures to safeguard our cloud infrastructures across AWS, GCP, and Azure.
Ensure the security of containerized applications through the implementation of Kubernetes and microservices security best practices.
Architect secure container environments, including Kubernetes clusters, Docker setups, and orchestration solutions, emphasizing vulnerability reduction and compliance.
Develop and enforce security policies, standards, and procedures for cloud environments and containerized workloads.
Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle (SDLC) and continuous integration/continuous deployment (CI/CD) pipelines.

Skills

Required

Cloud security architecture, configuration, and governance across AWS, GCP, and Azure
Kubernetes and microservices security best practices
Containerized environments security
Security policies, standards, and procedures for cloud environments
Integrating security best practices into SDLC and CI/CD pipelines
Cloud security incident investigation and remediation
Security automation using Python
Continuous monitoring of cloud environments
Security assessments, vulnerability scans, and threat modeling
Risk identification, evaluation, and mitigation in cloud infrastructure
Fortifying container orchestration platforms
Evaluating and recommending new security tools and technologies
Documentation of cloud security processes and architecture
Reporting security risks and incidents
AI-driven threat detection
Machine learning models for security operations
Familiarity with CSPM Platforms (Wiz preferred)
Containerization technologies (Docker, Kubernetes)
DevSecOps principles

Nice to have

Primary experience with AWS
Strong familiarity with GCP and Azure
Experience with Wiz CSPM platform
Knowledge of work productivity tools like Office 365, Atlassian

What the JD emphasized

primary experience with AWS
strong familiarity with GCP and Azure
security of containerized applications
Kubernetes
microservices security best practices
secure container environments
Kubernetes clusters
Docker setups
orchestration solutions
vulnerability reduction
compliance
security policies
standards
procedures for cloud environments
containerized workloads
security best practices into the software development lifecycle (SDLC)
continuous integration/continuous deployment (CI/CD) pipelines
incident response team
cloud security incidents
cloud-specific attack vectors
mitigation strategies
Automate security operations and workflows using scripting languages like Python
security automation solutions
continuously monitor cloud environments for compliance, threats, and performance anomalies
security assessments
vulnerability scans
threat modeling for cloud environments
Identify, evaluate, and mitigate risks in cloud infrastructure using automated and manual methods
DevOps teams
fortify container orchestration platforms
containerized workloads
Evaluate and recommend new tools, technologies, and methodologies to improve the security posture of the organization’s cloud environments
Monitor and assess industry trends to ensure the cloud security program evolves with emerging threats and regulatory changes
Project Execution Office (PEO)
create and maintain detailed project plans, timelines, and milestones
Maintain comprehensive documentation on cloud security processes, security controls, architecture diagrams, and risk assessments
Report security risks, incidents, and findings to leadership and relevant stakeholders
define project scope, deliverables, and expectations, ensuring alignment with business objectives
Leverage creativity and technical expertise to design novel security solutions that address complex cloud security challenges
Think outside the box to solve unique security issues that arise as the company scales and adopts new cloud services
Think beyond reactive security measures—take a proactive approach to identifying potential vulnerabilities and threats
Use advanced tools, AI, machine learning, or custom-built scripts to anticipate future risks and mitigate them before they affect the infrastructure
Investigate and implement innovative solutions such as AI-driven threat detection, security automation tools, and machine learning models to enhance security operations and reduce manual workloads
cross-functional teams, including security architects, engineers, and developers
explore new ideas and develop innovative ways to automate, monitor, and improve security at scale across cloud platforms
Stay at the forefront of cloud security trends and emerging technologies (e.g., zero-trust architecture, Quantum Cryptographs, Extended Detection & Response (XDR), User Behavior Analytics, Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Serverless Security, etc ) and creatively incorporate these into security practices as appropriate
Identify gaps in existing security tools and services, and, when necessary, collaborate with development teams to create custom security solutions that better meet the company’s unique needs
Min of 3 years of experience working as a Cloud Security Engineer or a similar role
In-depth knowledge of cloud computing platforms such as AWS, GCP, and Azure
Proficiency in writing scripts and automation using Python
Strong understanding of DevSecOps principles and practices
Demonstrated experience working with any of the CSPM Platforms like Wiz, Divvy Cloud, Prisma Cloud, Orca, etc. (Wiz is preferred)
Experience with containerization technologies such as Docker and Kubernetes, including securing Kubernetes clusters and containerized workloads
Strong knowledge of work productivity tools like Office 365, Atlassian, etc. is required
Must possess excellent communication, presentation, and collaboration skills

Read full job description

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

**Who We Are… **

When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the_ creators_ bringing them to your living rooms and the dreamers creating what’s next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

Your New Role:

We are seeking a Cloud Security Engineer with expertise in cloud security architecture, configuration, and governance across AWS, GCP, and Azure platforms. This role is focused on ensuring the security of cloud services and infrastructure, implementing best practices for secure deployments, and proactively identifying and mitigating security risks across multiple cloud environments. The ideal candidate will have primary experience with AWS, and strong familiarity with GCP and Azure.

Job responsibilities:

Engineering Responsibilities:

Design, deploy, and maintain security measures to safeguard our cloud infrastructures across AWS, GCP, and Azure.
Ensure the security of containerized applications through the implementation of Kubernetes and microservices security best practices.
Architect secure container environments, including Kubernetes clusters, Docker setups, and orchestration solutions, emphasizing vulnerability reduction and compliance.
Develop and enforce security policies, standards, and procedures for cloud environments and containerized workloads.
Collaborate with cross-functional teams to integrate security best practices into the software development lifecycle (SDLC) and continuous integration/continuous deployment (CI/CD) pipelines.
Work with the incident response team to investigate and remediate cloud security incidents, providing expertise on cloud-specific attack vectors and mitigation strategies.
Automate security operations and workflows using scripting languages like Python.
Develop and implement security automation solutions to continuously monitor cloud environments for compliance, threats, and performance anomalies.
Conduct regular security assessments, vulnerability scans, and threat modeling for cloud environments. Identify, evaluate, and mitigate risks in cloud infrastructure using automated and manual methods.
Partner closely with DevOps teams to fortify container orchestration platforms and containerized workloads.
Evaluate and recommend new tools, technologies, and methodologies to improve the security posture of the organization’s cloud environments. Monitor and assess industry trends to ensure the cloud security program evolves with emerging threats and regulatory changes.
Collaborate with Project Execution Office (PEO) to create and maintain detailed project plans, timelines, and milestones.
Maintain comprehensive documentation on cloud security processes, security controls, architecture diagrams, and risk assessments.
Report security risks, incidents, and findings to leadership and relevant stakeholders.
Collaborate with stakeholders to define project scope, deliverables, and expectations, ensuring alignment with business objectives.

Innovation and Creative Problem Solving:

Leverage creativity and technical expertise to design novel security solutions that address complex cloud security challenges. Think outside the box to solve unique security issues that arise as the company scales and adopts new cloud services.
Think beyond reactive security measures—take a proactive approach to identifying potential vulnerabilities and threats. Use advanced tools, AI, machine learning, or custom-built scripts to anticipate future risks and mitigate them before they affect the infrastructure.
Investigate and implement innovative solutions such as AI-driven threat detection, security automation tools, and machine learning models to enhance security operations and reduce manual workloads.
Work with cross-functional teams, including security architects, engineers, and developers, to explore new ideas and develop innovative ways to automate, monitor, and improve security at scale across cloud platforms.
Stay at the forefront of cloud security trends and emerging technologies (e.g., zero-trust architecture, Quantum Cryptographs, Extended Detection & Response (XDR), User Behavior Analytics, Cloud Security Posture Management (CSPM), Cloud Workload Protection (CWP), Serverless Security, etc ) and creatively incorporate these into security practices as appropriate.
Identify gaps in existing security tools and services, and, when necessary, collaborate with development teams to create custom security solutions that better meet the company’s unique needs.

PEOPLE MANAGEMENT

N/A.

**QUALIFICIATIONS: **

Qualifications & Experiences:

Bachelor’s degree in computer science, Information Security, or a related field.
Min of 3 years of experience working as a Cloud Security Engineer or a similar role.
In-depth knowledge of cloud computing platforms such as AWS, GCP, and Azure.
Proficiency in writing scripts and automation using Python.
Strong understanding of DevSecOps principles and practices.
Demonstrated experience working with any of the CSPM Platforms like Wiz, Divvy Cloud, Prisma Cloud, Orca, etc. (Wiz is preferred).
Experience with containerization technologies such as Docker and Kubernetes, including securing Kubernetes clusters and containerized workloads.
Strong knowledge of work productivity tools like Office 365, Atlassian, etc. is required.
Must possess excellent communication, presentation, and collaboration skills.
Relevant security certifications such as AWS Security Engineer, GCP Security Engineer or Azure Security Engineer is a plus
Hybrid work environment. Must be based in the WBD’s office, minimum three days/week.

If you:

are excited to work in an international, fast-paced, multi-faceted media company.
are comfortable ensuring timely escalation, responsiveness and follow through to meet deadlines.
are knowledgeable of, and understand, the risk-based business impact approach to cybersecurity.
are actively questioning and influencing actions needed to attain goals and targets.
are comfortable driving initiatives forward without having direct control of staff.

Then help us create the future with one of the world’s largest media & entertainment companies.

How We Get Things Done…

This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

Championing Inclusion at WBD

Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.

If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.