Sr. Security Engineer

Who We AreAt Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader.

Walt’s passion was to continuously envision new ways to move audiences around the world a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts, and a cruise line to sports, news, movies, and a variety of other businesses.

Uniting each endeavor is a commitment to creating and delivering unforgettable experiences and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise.

We are here to protect the brand and reputation while enabling and supporting the business units.We Are Hiring! We need a Sr.

Security Engineer to join our Security Assurance and Compliance team!What You Will DoThe Sr. Security Engineer is responsible for evaluating various deployment scenarios (e.

g., on-premises, cloud, hybrid), services, models, and technology to ensure they are secure and compliant across the Walt Disney Company (TWDC).

Using your cybersecurity experience and critical thinking, you will articulate the risk associated with an application or service based on the analysis and assessment of its design and configuration, data classification and flow, security control alignment, and current and emerging threats.

Key responsibilities : Create, review, and present security architecture reviews and cybersecurity risk assessments to peers, executive leadership, and business-focused application teams.

Conduct risk and threat analysis and modeling activities, leveraging learnings from external and internal cyber trends and incidents.

Develop and document cybersecurity risk mitigations and technical solutions that align with Company standards, industry security frameworks, and best practices.

Advise technology and application teams on effectively applying security controls, secure design principles, and defense-in-depth to protect critical Company information while maximizing business functionality, efficiency, and flexibility.

Review, optimize, and develop security architecture documentation and artifacts (e.g., technical architectures, process flows, requirements documents, data flows, and control mapping).

Lead ad-hoc and informal teams to analyze and assess cybersecurity risk and propose technical and process improvements to increase the application or service’s overall security posture.

Interact with internal and external customers on security-related projects and operational tasks and deliver briefs to senior staff members and executives.

Promote awareness of applicable security policies, standards, and best practices.Maintain metrics and scorecards in support of the cybersecurity risk assessment program.

Examine current cybersecurity policies and controls to determine potential enhancements to minimize risk in a dynamic technology and threat ecosystem.

Mentor junior security engineers on emerging technologies, processes, and concepts.Must HaveMinimum of 5+ years of related work experience in cybersecurity3+ years of cloud information security experience with at least one public cloud service provider (e.

g., Amazon Web Services, Google Cloud, Azure, etc.)Demonstrated experience in creating and interpreting conceptual, logical, and physical security diagrams, with a thorough understanding of vulnerabilities and countermeasuresStrong background in process design, implementation, and optimization with the ability to lead implementations of these processes or changes across security and technology organizationsDetailed understanding of identity, access, and authentication mechanisms (e.

g., Kerberos, NTLM, AD), networking technologies, software-defined computing, containerization, routing and switching, big data, elastic compute, and risk analysis and risk management methodologiesExperience in writing, reviewing, and editing technical and cybersecurity-focused reports.

Experience in information management, protection, and security control design and implementationFamiliarity with a broad range of cybersecurity frameworks and threat modeling concepts such as STRIDE, MITRE ATT&CK, and NIST publications (particularly 800-53 and 800-30)One of the following senior cybersecurity, information technology, or cloud / cloud security certifications : CISSP, CCSP, AWS Certified Public Cloud Architect, CISM, CRISC, CISA, MCSE cloud, VMWare VCP6 cloud, EMCCA cloud computing Architect or GIACNice To Have3+ years of practical cloud information security experience with more than one public cloud service provider (e.

g., Amazon Web Services, Google Cloud, Azure, etc.)Knowledge in applying cybersecurity principles in the implementation of Artificial Intelligence (AI)EducationBachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and / or equivalent work experience#DISNEYTECH#LI-JP4The hiring range for this position is $117,998-$174,130 per year, which factors in various geographic regions.

The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors.

A bonus and / or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and / or other benefits, dependent on the level and position offered.

Job ID : 10091013Location : Burbank,CaliforniaJob Posting Company : The Walt Disney Company (Corporate)The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities.

If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.

Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence.

We will only respond to those requests that are related to the accessibility of the online application system due to a disability.