The Walt Disney Company Senior Security Specialist, Application Assurance in Burbank, California
At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.
The Walt Disney Global Information Security - Assurance Services Team’s mission is to deliver expert-level, real world penetration testing and red team operations to gauge security and privacy controls across The Walt Disney Company. Further our mission is to build and deliver services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production. We are looking for a candidate who at a minimum possess deep knowledge web application security assessment skills and also seeks opportunities for their experience and skills to be applied beyond myopic penetration testing activities. If you seek an opportunity to work with some of the sharpest professionals in the field and play a larger role in driving solutions to improve application security at one of the most innovative and advanced technological entertainment companies in the world, then this position might be for you.
The Security Specialist will be responsible for web application testing, source code analysis, manual pen testing, and training. They will interact with Disney Business Units to discover, triage and resolve security vulnerabilities with manual and automated tools to enforce security criterion as part of a Secure Development Life Cycle on a continuous basis.
Basic Qualifications :
Minimum of 3 years in Information Security Field
Vulnerability Research and Exploit Development
Penetration Testing Execution Standard Automation Framework (PTES)
Previous experience with teaching application security to developers
Must code in one or more languages such as Java, Python, Ruby, PHP, or .Net
Penetration Testing – WebInspect, Acunetix, Netsparker Appscan, Fortify, Ounce, Vercode, Burp Suite, NMAP, Nessus, Metasploit, Core Impact, Qualys, Kali Linux, Samurai WTF, OWASP ZAP, SQLMap and manual tools
Preferred Qualifications :
Preferred 4 years in Information Security Field
Red Team Operations
Previous experience with debugging and fuzzing binaries
Experience with multiple SDLC’s such as Agile, Dev Ops, and Waterfall
Previous software development experience
experience with frameworks such as Django, Ruby on Rails, or Symfony is a plus
OSCP - Offensive Security Certified Professional is highly desired
GIAC Penetration Tester (GPEN)
Required Education :
- Information Security Education
Preferred Education :
- BS in CS, Engineering or equivalent. MS preferred
Company Overview :
At Corporate, you’ll team with the best in the business to build one of the most innovative global businesses in any industry. Uniquely positioned at the center of an exciting, multi-faceted Company, the forward-thinkers at Disney Corporate constantly pursue new ideas and technologies to help the Company’s many businesses drive value, all the while gaining something valuable from the experience themselves. Come see the most interesting Company from the most interesting point of view.
Additional Information :
- This position is a legal entity of The Walt Disney Company, an equal opportunity employer.
Job ID: 525761BR
Job Posting Company: The Walt Disney Company (Corporate)