The Walt Disney Company Sr Security Specialist, Sec Assurance in Burbank, California
At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
Analysis of known and emerging threats to determine risks against TWDC assets
Creation, maintenance, governance and communication of security policies and standards across TWDC
Assessment and audit of compliance against the security policies and standards
Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We look add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.
The Global Information Security- Red Team delivers technical security assessment capabilities across a range of IT assets employing real world threat actor scenarios and capabilities. The goal of the Red Team is to find and drive remediation of vulnerabilities before they are exploited by malicious cyber threats. Typical Red Team activities include, but are not limited to:
Technical Security Assessments- targeted full stack assessments that employ a variety of manual and automated security interrogation techniques
Red Team Operations- large scale, multi-month real world threat simulation operations targeting the entire enterprise or select segments or business units.
Provides situation based support, using in-depth knowledge of TWDC technology, to ensure systems are designed in accordance with and are aligned with Company security requirements; includes architecture assessments, secure development training, and conducting RTOs
Develops technical monitoring, assessment and response solutions that meet current specifications
Reviews and presents reports (e.g., penetration test results, incident response metrics, forensics, network monitoring metrics), position papers, assessment recaps to team (peers) and next level of leadership within team
Executes advanced risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents
Deliver expert-level real world penetration testing and red team operations to gauge security and privacy controls across The Walt Disney Company.
Build and deliver services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production
Basic Qualifications :
5 years of pen testing experience
Red Team Operations
Previous experience with debugging and fuzzing binaries
Experience with multiple SDLC’s such as Agile, Dev Ops, and Waterfall
Previous software development experience
experience with frameworks such as Django, Ruby on Rails, or Symfony is a plus
OSCP – Offensive Security Certified Professional is highly desired
GIAC Penetration Tester (GPEN)
Preferred Qualifications :
- 8 years of pen testing experience
Required Education :
- BA/BS in business or computer science or appropriate work experience
Job ID: 563840BR
Job Posting Company: The Walt Disney Company (Corporate)