The Walt Disney Company Sr Security Specialist, SecOps in Burbank, California
At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We are here to protect the brand and reputation while enabling and supporting TWDC business units.
The GIS Security Operations team is looking for a passionate security professional to help protect the magic! We’re serious about protecting our assets, infrastructure and most importantly, company and customer data.
The Senior Security Specialist will be responsible for the maintenance, operation and integration of network and security tools to detect suspicious and hostile activity that would jeopardize the integrity of information systems. You will assist in the evaluation, research and development of computer and network security tools and implementation plans. This will require practical use and understanding of advanced security protocols, standards, and a solid knowledge of information security principles and practices. You will work closely with security team members, infrastructure engineers, information and system administrators to ensure mitigation of all activity detected. Coordinate cross-functional team meetings to remediate previously identified security risks and close out pending action plans.
Participate in 24x7 on-call rotation.
Perform Service Delivery of Security Operations Infrastructure
Support of TWDC Tanium, product management, upgrades and reporting for both on-prem and cloud solutions.
Support of all modules within the Tanium console, upgrades and reporting for both on-prem and cloud solutions.
Partner with the Tanium TAM on feature releases, product strategy and roadmap, IOC detection advancement.
Support of TWDC end point security solutions, product management, upgrades and reporting for both on-prem and cloud solutions
Supports systems security requirements, operational requirements, test and evaluation, integration and tuning of system security appliances, applications, and tools.
Recommends and implements security policies and procedures as a result of in depth research of potential harmful threats to the organization's IT infrastructure.
Provide coordination for security event detection, identification and resolution.
Develop technical security standards to support policies including assisting in creating and coordinating security monitoring standards and incident investigation procedures.
Engage with cross-functional teams in the design and implementation of security projects and initiatives
Assist with the development of metric and scorecards in support of the information security program for quarterly and annual Information Security reports to executive management
Perform Security Analyst Functions
Review proposed change control request to ensure proper alignment with TWDC policies standards and guidelines
Maintain responsibility for incident confirmation, response, data collection, investigation, and analysis.
Issue, follow-up, resolve or drive resolution of open security event tickets.
Respond to computer security breaches and viruses
Support investigations with respect to forensics (including disk, email and web history)
In conjunction with the Application Service Owner, Network Operator, provide IT security input on projects and other formal workgroups and committees
Promote awareness of applicable security policies and standards
Implement or coordinate remediation required by audits, as necessary
Collate security event data to produce monthly exception and management reports.
Respond to and, where appropriate, resolve or escalate reported security incidents.
Stays up to date on new software/hardware reaching the market and how security policies apply.
Basic Qualifications :
At least five (5) years of relevant work experience with three (3) years of practical information security experience.
Expert level experience managing security tools.
Experience tuning, improving and devising new ways to collect, signal, and identify suspicious events in an operational production environment.
Experience working in an operational capacity, with expertise in at least one of the following areas: server, network, cloud, database
Experience working with
Enterprise SIEM, log sources, incident escalation
Experience in information management and information technology security design and implementation.
Experience with log or data analysis, extracting salient data points to improve detective capabilities.
Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as TCP/IP, MFA, and network routing and switching.
Experience working with multiple operating systems to include Linux, Windows, and OS X.
Intermediate knowledge/ coding skills in Python or similar.
Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment. Ability to rapidly assess a situation and identify, isolate and communicate problems and issues.
Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists.
One or more senior Information Security certifications (e.g. CISSP/GIAC) preferred.
Preferred Qualifications :
Experience in Tanium supporting a large enterprise preferred.
Advanced scripting/coding skills preferred.
Required Education :
- Bachelor’s Degree in Computer Science, Computer Engineering/Information Systems or equivalent experience
Preferred Education :
- Masters or other advanced degree preferred
Job ID: 588522BR
Job Posting Company: The Walt Disney Company (Corporate)