Security Architect

Warner Bros. Discovery•Silver Spring, MD

About The Position

We are seeking a highly skilled Security (Cybersecurity) Architect to help shape and strengthen the security posture of Warner Brothers Discovery. As a Security (Cybersecurity) Architect, you will also help define and secure the company’s rapidly evolving footprint in emerging technologies, including AI/ML systems, content generation pipelines, predictive analytics models, autonomous production tooling, and advanced cloud-native architectures. You will ensure that new technologies are introduced responsibly, resiliently, and with built-in security controls that protect intellectual property, sensitive media assets, and user trust. You will also collaborate with engineering, IT, studio production, and business teams to ensure that secure, resilient solutions support the creative and operational needs of our global brands. As a Security (Cybersecurity) Architect, you will design, build, and advance security architectures that safeguard Warner Brothers Discovery’s enterprise platforms, content, and digital experiences. This role supports the protection of high value intellectual property, largescale content delivery ecosystems, and hybrid technology environments spanning on-premise, cloud, and edge systems. You will work cross functionally with engineering, IT, business stakeholders, and production technology teams to ensure the implementation of resilient, scalable, threat aware security capabilities aligned with business and creative priorities. You will be responsible for developing and evaluating security frameworks, performing risk assessments, and guiding the design of modern security controls across applications, network layers, identity systems, production workflows, and other media specific technologies. Responsibilities will span assisting in designing robust enterprise class security systems, identifying emerging threats, reviewing current security measures, and ensuring compliance with evolving regulatory and industry standards. The role also includes collaborative support for incident response, disaster recovery planning, and the integration of security into ongoing technology initiatives and content distribution processes. Ideal candidates bring a balance of technical depth and business alignment, with the ability to think both like a defensive strategist and like an attacker to proactively secure a complex digital media ecosystem. While the role favors mid to senior level professionals experienced in architecting security solutions, it remains open to strong junior and midlevel talent who demonstrate foundational security principles, adaptability, and a desire for growth within a global, fast-paced, content driven environment. This architect will operate within a collaborative security organization (GICS) where continuous learning, innovation, and cross team partnership are essential for protecting a diverse portfolio of entertainment brands, live and digital experiences, and largescale audience platforms. You’ll help ensure that cutting edge storytelling and creative technologies are delivered securely and reliably across a worldwide audience.

Requirements

A cybersecurity professional capable of combining deep technical knowledge with business‑aligned decision‑making.
Experienced in designing secure architectures in hybrid environments (cloud + on‑prem), preferably within complex enterprise settings.
Comfortable communicating with engineers, creative teams, and executives to translate security needs into actionable plans.
Open to all candidates with demonstrated competency in core security principles and architecture fundamentals.
Be experienced or strongly interested in securing AI/ML platforms, including understanding of model security risks, data governance controls, and emerging standards (e.g., NIST AI RMF, secure by design principles).
Be able to communicate risks unique to emerging technologies to both technical teams and creative/production staff.
Be comfortable leading secure enablement for rapid innovation while enforcing guardrails that reduce organizational exposure.
Security Architecture & Framework Design — Ability to design and assess enterprise class, multilayered security architectures aligned to business and technology strategy.
Threat Modeling & Risk Assessment — Conduct assessments, analyze threats, and identify vulnerabilities across systems and commu8nicate them to responsible parties.
Cloud & Hybrid Security Expertise (AWS, Azure, GCP) — Architecting controls for multi-cloud and hybrid environments, including IaaS, SaaS and other service models.
Network & Application Security — Designing secure DNS, network segmentation, firewalls, secure coding integration, and monitoring.
Security Governance & Compliance — Knowledge of frameworks (NIST, ISO 27001) and regulatory alignments including national and international policy guidance.
AI/ML Security Architecture — Drive the design and securing of AI/ML model environments, including training pipelines, inference endpoints, model registries, and data governance processes leveraging industry best-practices and vendor guidance.
Adversarial AI & Model Integrity Protection — Research and recommend controls to detect and mitigate attacks such as data poisoning, model manipulation, prompt injection, and model exfiltration attempts.
Secure Adoption of Emerging Technologies — Assess risks in generative AI, automation systems, edge/real-time production tools, and other emerging technologies.

Nice To Haves

Incident Response & Disaster Recovery Oversight — Supporting IR plans, DR exercises, and post incident analysis. Help design tabletop exercises for teams to work expected scenarios around operations and potential threats.
Security Technology Evaluation — Assess and recommend security tools, assist conducting product evaluations, and integrate monitoring capabilities.
Cloud & DevOps Security Integration — Familiarity with CI/CD, automation, and security integration in modern development pipelines.
Identity & Access Management — Have experience in implementing strong authentication and authorization architectures.
AI Risk Monitoring & Anomaly Detection — Have the ability to define and monitor metrics for model drift, anomalous behavior, misuse patterns, and unintended outputs in AI systems.
Evaluation of Emerging Tech Security Posture — Have the ability to assess new platforms (e.g., generative media tools, predictive analytics engines, autonomous processing systems) before enterprise adoption.
General Cybersecurity Principles — Solid understanding of core security concepts, controls, and best practices.
Security Tools Exposure — Firewalls, IDS/IPS, vulnerability scanners, SIEMs, endpoint protection.
Analytical & Communication Skills — Ability to document requirements, communicate risks, and collaborate across diverse teams.
Fundamentals of AI System Behavior — Have an introductory understanding of how AI/ML systems work, common failure modes, and basic risks (e.g., bias, drift, data sensitivity).
Awareness of AI/ML Security Concepts — Have a baseline knowledge of adversarial examples, prompt safety considerations, and safe by design practices for early career contributors.

Responsibilities

Design and implement enterprise‑class security architectures across application, network, cloud, and identity domains.
Conduct threat modeling, security assessments, and vulnerability analysis; recommend improvements to mitigate emerging risks.
Review and enhance existing security controls; align strategy with industry frameworks such as NIST and ISO 27001.
Support incident response efforts, including planning, investigation, and post‑event review.
Collaborate with development and infrastructure teams to integrate security requirements throughout the technology lifecycle.
Evaluate, recommend, and implement modern security tools and monitoring systems across cloud, hybrid, and on‑premise ecosystems.
Drive continuous improvements in security governance, documentation, and compliance.
Architect security controls for AI/ML systems, including model hardening, data pipeline integrity, adversarial attack mitigation, and training data governance.
Support secure adoption of emerging technologies, such as generative AI, edge computing, real-time production automation, and Deep learning based content workflows.
Develop and enforce guidelines to prevent model poisoning, prompt injection failures, model exfiltration, and data leakage in AI-driven pipelines.
Evaluate new AI technologies, model hosting platforms, and media production innovations for security risks before adoption.
Integrate AI security requirements into incident response, ensuring threats targeting models (e.g., manipulated outputs, shadow model creation) are included in IR playbooks.