Senior Security Engineer - Security Architecture & Engineering (Project Hire)

Overview

On Site
USD 123,902.00 - 166,210.00 per year
Full Time
Unable to Provide Sponsorship

Skills

Google Cloud
Security architecture
Content creation
IaaS
Network security
Cyber security
Design review
Security analysis
Threat modeling
Penetration testing
Code review
Software security
Cloud security
Security QA
Mobile applications
Security controls
Threat analysis
Web applications
A+
Computer science
Computer engineering
MAGIC
Epic
Universe
Animation
Exceed
Creativity
Workflow
Design
Cloud computing
IMPACT
Research and development
Leadership
Testing
Management
Authentication
Mentorship
Evaluation
Amazon Web Services
Microsoft Azure
FOCUS
DRM
Network
Routers
Switches
Firewall
Proxies
Continuous integration
Continuous delivery
SCA
Microservices
Kubernetes
Docker
CISSP
SANS
Cisco Certifications
Recruiting
Finance

Job Details

We are defenders of the magic, waging an epic battle to safeguard our franchises, protect our people, and ensure the world's most admired entertainment company is not impacted by cybersecurity threats. The Walt Disney Company is scouring the known talent universe to find security engineers desiring to join our Studios Cyber Team. This position builds and operates systems that provide stay-secure capabilities to our Studio customers. We are partners in protecting Disney's highly respected portfolio including Marvel Studios, Pixar Animation Studios, Lucasfilm, Disney Live Action Films, Walt Disney Animation Studios, Searchlight Pictures, and 20th Century Studios.

To exceed the expectations of our versatile, creative partners, we need highly motivated, professionals who are passionate about finding new ways to deliver best-in-class cybersecurity capabilities. This Senior Security Engineer - Security Architecture & Engineering (Project Hire) role is part of a team that is responsible for validating our content creation and delivery platforms, services, applications, workflows, and websites are designed and implemented to the highest security standards. You will be responsible for assisting in the secure design and analysis of on-premise and cloud-based infrastructure and applications where studio content is produced. This is a deeply technical role, requiring a solid grasp and experience implementing a variety of cloud infrastructure solutions and services, as well as network security, identity, cyber security, privileged access, and related technologies, using solid design principles.

Areas of Responsibilities

  • Conduct security architecture and design reviews of high-impact applications including both internally developed applications and 3rd party managed applications.
  • Lead in-depth security assessments of sophisticated workflows spanning multiple applications, performing and/or coordinating multiple security assessment workstreams such as threat modeling, penetration testing, DAST scanning, and code review.
  • Review output from Dynamic Application Security Testing (DAST) tools and provide feedback on results.
  • Evaluate the security posture of cloud environments through manual review and automated tooling. Review output from Cloud Security Posture Management (CSPM) tools. Provide guidance to stakeholders on approaches to remediating identified issues.
  • Conduct hands-on security testing of web, mobile applications and cloud-based services. Be capable of identifying traditional application-level issues such as injection, authentication, and misconfiguration vulnerabilities, but also identify vulnerabilities that lead to bypass of security controls.
  • Participate in proof of concepts and other technical evaluations of technologies, designs, and solutions and provide security requirements and recommendations.
  • Serve as a point of escalation/mentor for junior engineers, and provide guidance on the use of DAST, SAST, CSPM tools, and application/cloud security standard methodologies. Participate in the evaluation of security tools used across the organization.
  • Threat Intelligence: Stay up to date with the latest security threats, vulnerabilities, and industry trends. Leverage threat intelligence to proactively enhance security measures.

Basic Qualifications

  • Minimum of 5+ years of experience in cybersecurity and cloud infrastructure engineering/architecture.
  • In-depth knowledge of public clouds such as AWS, Azure, and Google Cloud Platform. Experience with securing AWS workloads is required.
  • Proven ability to analyze and assess complicated application architectures and workflows to identify risk.
  • Significant penetration testing experience and offensive capabilities in key focus areas including web applications, mobile applications, networks, cloud, and infrastructure.
  • Basic knowledge of content security controls such as DRM, and visible and forensic watermarking is required.
  • Detailed understanding of network technologies including routers, switches, load balancers, firewalls, proxies, etc.
  • Familiarity with CI/CD principals, tools, and services. Hands-on experience implementing SAST, DAST, and SCA tooling is a plus.
  • Experience securing a microservice environment, along with demonstrable knowledge of container technologies such as Kubernetes and Docker and securing such environments.

Preferred Qualifications

  • One or more current security-related certifications (e.g., CISSP, SANS GIAC, etc.)
  • One or more cloud security certifications (AWS, Azure, Google Cloud Platform, CCSP).
  • Consistent track record of driving application security assessments for an organization.

Education

  • Bachelor's degree in Computer Science, Computer Engineering, or related technical field, and/or equivalent work experience, or significant experience and progress towards professional credentials.

This is an estimated 30-month project hire placement with no guarantee of permanent placement.

#DISNEYTECH

The hiring range for this position in California is $123,902 - $166,210 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

About The Walt Disney Company