**_Welcome to Warner Bros. Discovery… the stuff dreams are made of._** **Who We Are…** When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the _storytellers_ bringing our characters to life, the _creators_ bringing them to your living rooms and the _dreamers_ creating what’s next… From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive. ***Must work a hybrid schedule (3 days onsite) out of our Atlanta office.*** **THE JOB** The **Director, Vulnerability Management** is a key leadership role within the Global Information & Content Security (GICS) team. This role leads and matures WBD’s enterprise-wide vulnerability management Center of Excellence ( CoE ) program, covering cloud, on-premises infrastructure, and application environments. The Director is responsible for directing the identification, classification, reporting, and remediation of vulnerabilities, ensuring alignment with WBD’s broader cybersecurity strategy. This position requires deep collaboration across cloud engineering, IT infrastructure, application development, and third-party service providers to effectively reduce the organization’s risk exposure. The Director will work closely with GICS and business unit leaders to ensure strategic and tactical vulnerability risk mitigation efforts align with enterprise goals. **VULNERABILITY OVERSIGHT** + Lead WBD’s program for managing vulnerabilities across on-prem infrastructure, cloud and applications ; guiding the process from finding vulnerabilities, to mitigating risk . + Manage WBD’s M S SP to make sure scans are thorough and results are prioritized by how risky they are; assist and direct the process of resolving vulnerabilities and report on the status; and verify that the actions taken to fix them are working. + Drive vulnerability remediation with asset owners inline with established risk mitigation SLA’s . + Incorporate vulnerability risk into the broader GICS risk oversight framework, continuously evaluating the risk associated with the state of remediation SLA compliance. + Oversee vulnerability scanning activities across the enterprise, including automated, authenticated, and manual assessments. + Define and apply risk-based classification standards for vulnerabilities using CVSS and contextual asset/business impact. + Maintain dashboards and reporting for vulnerability risk metrics. + Establish SLAs for remediation, drive accountability, and verify remediation effectiveness. + Integrate vulnerability management into broader risk oversight and GICS governance. + Collaborate with DevSecOps , product engineering, and infrastructure teams to embed remediation into operational workflows. **STRATEGIC LEADERSHIP** + Translate vulnerability risk insights into strategic decisions and enterprise-wide policies. + Communicate effectively with senior leadership and executive stakeholders. + Contribute to the design of cybersecurity strategies by advising on risk reduction priorities related to vulnerability trends. + Develop metrics to track vulnerability closure rates, aged vulnerabilities, and SLA compliance. + Drive initiatives that reduce recurring vulnerabilities through root cause analysis. **BUSINESS PARTNERSHIP & ENABLEMENT** + Engage with application, cloud, and infrastructure teams to promote remediation ownership. + Foster collaboration across business units to ensure alignment between risk mitigation and delivery priorities. + Support high-visibility business initiatives (e.g., product launches, M&A, live events) by proactively identifying and managing vulnerability risk. + Provide guidance on secure configuration and preventive controls to limit future vulnerabilities. **The Essentials** + 12+ years of cybersecurity experience, with 5+ years in vulnerability management + Strong expertise across cloud (AWS, Azure, GCP), on-premise , and application environments + Experience with tools such as Tenable, Wiz , Brinqa , PowerBi and native cloud scanning technologies + Strong knowledge of risk frameworks (e.g., NIST, ISO, CVSS) + Bachelor’s degree in Computer Science , Engineering, or related field + Excellent analytical, communication, and stakeholder engagement skills + Bachelor’s degree in related field, such as Business, IT, Computer Science + Knowledge of IP network infrastructure (firewalls, intrusion detection/prevention), access control, data encryption and on-prem and cloud security + Excellent communication skills, including the ability to communicate effectively in English, both written and verbal + Ability to present complex topics in clear, non-technical language + Ability to work collaboratively within team and across business and technology functions + Detail-oriented individual with critical thinking, analytical, and problem-solving skills + Demonstrated ability to be proactive and take ownership of and solve problems + Ability to handle multiple assignments concurrently within an iterative environment + Deep capability in applying risk principles to the business environment. Ability to clearly articulate risk concepts and results to business leaders and navigate collaborative and informed decision making. + Can effectively connect with both technical and non-technical staff. Ability to translate sophisticated technical concepts into plain English and present them in a way that decision-makers can understand. + Positive influencing skills both verbally and through the preparation of written materials in order to build relationships, influence and negotiate. + Strong project management and delegation skills in prioritizing and reprioritizing projects of various size and complexity across multiple functional groups and departments. **The Nice to Haves** + One or more of the following certifications: CISSP, CRISC, CISA + 5+ years of prior experience in a related field (media, entertainment, business development or streaming services industry experience a plus) + Familiarity with streaming and similar products /services + Experience working in a national or global company **How We Get Things Done…** This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview. **Championing Inclusion at WBD** Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law. If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page (https://careers.wbd.com/global/en/accessibility) for instructions to submit your request.