Director, Vulnerability Management - Warner Bros. Discovery : Job Details

Overview

Welcome to Warner Bros. Discovery. The Director, Vulnerability Management is a key leadership role within the Global Information & Content Security (GICS) team. This role leads and matures WBD's enterprise-wide vulnerability management Center of Excellence (CoE) program, covering cloud, on-premises infrastructure, and application environments. The Director directs identification, classification, reporting, and remediation of vulnerabilities, aligning with WBD's broader cybersecurity strategy.

This position requires deep collaboration across cloud engineering, IT infrastructure, application development, and third-party service providers to reduce the organization's risk exposure. The Director will work with GICS and business unit leaders to ensure risk mitigation aligns with enterprise goals.

Vulnerability Oversight

• Lead WBD's program for managing vulnerabilities across on-prem infrastructure, cloud and applications; guide the process from finding vulnerabilities to mitigating risk.
• Manage WBD's MS SP to ensure scans are thorough and results are prioritized by risk; assist and direct the resolution process and report status; verify remediation actions are effective.
• Drive vulnerability remediation with asset owners in line with established risk mitigation SLAs.
• Incorporate vulnerability risk into the broader GICS risk oversight framework, continually evaluating remediation SLA compliance.
• Oversee vulnerability scanning activities across the enterprise, including automated, authenticated, and manual assessments.
• Define and apply risk-based classification standards for vulnerabilities using CVSS and asset/business impact.
• Maintain dashboards and reporting for vulnerability risk metrics.
• Establish SLAs for remediation, drive accountability, and verify remediation effectiveness.
• Integrate vulnerability management into broader risk oversight and GICS governance.
• Collaborate with DevSecOps, product engineering, and infrastructure teams to embed remediation into operational workflows.

Strategic Leadership

• Translate vulnerability risk insights into strategic decisions and enterprise-wide policies.
• Communicate effectively with senior leadership and executive stakeholders.
• Advise on risk reduction priorities related to vulnerability trends to design cybersecurity strategies.
• Develop metrics to track vulnerability closure rates, aged vulnerabilities, and SLA compliance.
• Drive initiatives that reduce recurring vulnerabilities through root cause analysis.

Business Partnership & Enablement

• Engage with application, cloud, and infrastructure teams to promote remediation ownership.
• Foster collaboration across business units to align risk mitigation with delivery priorities.
• Support high-visibility initiatives (e.g., product launches, M&A, live events) by proactively identifying and managing vulnerability risk.
• Provide guidance on secure configuration and preventive controls to limit future vulnerabilities.

The Essentials

• 12+ years of cybersecurity experience, with 5+ years in vulnerability management
• Strong expertise across cloud (AWS, Azure, GCP), on-premise, and application environments
• Experience with tools such as Tenable, Wiz, Brinqa, PowerBi and native cloud scanning technologies
• Strong knowledge of risk frameworks (e.g., NIST, ISO, CVSS)
• Bachelor's degree in Computer Science, Engineering, or related field
• Excellent analytical, communication, and stakeholder engagement skills
• Knowledge of IP network infrastructure (firewalls, IDS/IPS), access control, data encryption, and on-prem and cloud security
• Ability to present complex topics in clear, non-technical language
• Ability to work collaboratively within team and across business and technology functions
• Detail-oriented with critical thinking, analytical, and problem-solving skills
• Proactive ownership and problem-solving abilities
• Ability to handle multiple assignments concurrently in an iterative environment
• Ability to articulate risk concepts to business leaders and enable collaborative decision making
• Strong ability to translate technical concepts into plain language for decision-makers
• Positive influencing skills and the ability to build relationships, influence, and negotiate
• Strong project management and delegation skills across multiple groups

The Nice to Haves

• One or more certifications: CISSP, CRISC, CISA
• 5+ years in related fields (media/entertainment or streaming industry experience is a plus)
• Familiarity with streaming and related products/services
• Experience in a national or global company

How We Get Things Done

Our guiding principles are the core values by which we operate. Learn more at www.wbd.com/guiding-principles/ and discuss them during your interview.

Championing Inclusion at WBD

Warner Bros. Discovery is an equal opportunity employer. We consider qualified candidates on the basis of merit without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, disability, and other protected categories. If you require adjustments or accommodations during the application process, please visit our accessibility page for instructions.

Salary range disclosure is provided where legally required. Base pay range: $177,170.00 - $329,030.00 per year, plus bonuses and other rewards. Benefits include health insurance, wellness programs, life and disability insurance, retirement savings, holidays, sick time and vacation.

#J-18808-Ljbffr