Director - APAC Business Information Security Office

Every great story has a new beginning, and yours starts here.

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

Who We Are…

When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

The Job 
 

The Director, Asia-Pacific (APAC) Business Information Security Office is a key leader in shaping WBD's Global Information and Content Security (GICS) strategy, policies, and standards across the globe. This individual will provide cybersecurity support and leadership through APAC as WBD increases its technical and business footprint within the region.  This critical role will help to ensure that technical security controls are implemented and working effectively across business and technology operations, acting as a bridge between the business, technology, and GICS teams, to ensure consistency across strategy, risk, technical security direction, prioritization of cybersecurity efforts, incident response and delivering outcomes on our cybersecurity program.  This Director role is responsible for maintaining a strategic relationship within the region, providing constant feedback to GICS leadership on the coverage and effectiveness of cybersecurity controls within APAC. 

This position will report to the Senior Vice President, Cybersecurity Program Execution, Compliance and Risk Oversight.   

 

Job Responsibilities  

 

Strategic Business Partnership 

• Act as a link between APAC operations and our centralized cybersecurity functions, ensuring that security initiatives are aligned with business goals and priorities.  

• Promote corporate cyber security awareness activities and implement security awareness concepts locally, customizing communications to be suitable for the business. 

• Lead the adoption and enforcement of GICS policies and standards across APAC. 

Technical Security Delivery 

• Serve as a technical cybersecurity subject matter expert (SME), providing multi-disciplinary knowledge, skills, and experience in cybersecurity domains for APAC 

• Work with technology leadership, GICS, and all IT Service Owners to generate appropriate communication, process, and education plans to ensure both IT and Business leaders are aware of the overall cybersecurity posture within APAC. 

• Maintain a solid understanding of assigned business lines and supporting infrastructure to effectively handle the threat and risk landscape. 

• Support security operations and other teams in the identification, investigation, and mitigation of cyber security incidents. 

• Work with all GICS leadership management team to drive the adoption of core security services (Identity and Access Management, Logging and Monitoring, Detection and Response, Vulnerability Management, Product Security, Cloud Security, and Content Security). Handle security exceptions for Global news operations, ensuring proper documentation, approval, and review processes are followed. 

• Partner with other GICS leadership to drive the adoption of core security services (Identity and Access Management, Logging and Monitoring, Detection and Response, Vulnerability Management, Product Security, Cloud Security, and Content Security) throughout global news operations.   

Compliance and Reporting 

• Support enterprise and business lines regulatory and compliance requirements and develop implementation strategies that minimize operational impact and disruption to the business unit. 

• Collaborate and support with corporate functions including Internal Audit, Legal, Privacy, Procurement, and others to ensure that WBD maintains a strong cybersecurity posture.  

• Support enterprise and business lines regulatory and compliance requirements and develop implementation strategies that minimize operational impact and disruption. 

 

The Essentials 

• Executive presence, technical security expertise, business acumen, communication skills and alignment focus. 

• Being accountable, project driven, results oriented, willingness to be constantly learning new things, open minded, ability to articulate sometimes complex technical security topics and articulate risks in a language that the business finds meaningful and use that information to make more informed decisions. 

• 12-15 years of experience in a technical security environment, with 6-8 years in a supervisory or management role.  

• Solid knowledge of various regulatory requirements and information security control frameworks (ISO, NIST, PCI, GDPR, CCPA, SOX). 

• Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security 

• Hands-on experience with security practices such as security incident response and risk management. 

• Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources. 

• Good understanding of Industry trends and emerging threats. 

• Experience in leading projects leveraging global teams with matrix resources. 

• Extensive experience in the information security field designing and implementing enterprise security solutions in a global context. 

• Should possess proficiency in the technical aspects of cyber security, such as: 

o Cloud infrastructure and concepts, specifically the security aspects thereof 

o Application security topics such as the OWASP top 10. 

o SIEM & logging tools 

o Vulnerability Management and EDR/XDR toolsets. 

o Network and Compute architectures 

o Identity & Access Management and Privileged Access Management 

The Nice to Haves 

• Bachelor’s degree in computer science, Engineering, or other related discipline preferred or 12+ years of previous technical security experience, e.g., architecture, engineering, or InfoSec Director level. 

• Security certifications are a plus (CISSP, CISM, CISA, SANS, etc.) 

 

How We Get Things Done…

This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/  along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

The Legal Bits…

Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.

If you’re a qualified candidate and you require adjustments or accommodations to search for a job opening or apply for a position, please contact us at recruitadmin@wbd.com.