Director, Application Security
Bristol, CT - USApply Now Apply Later
Job ID 726130BR Location Bristol, Connecticut, United States Business Direct-to-Consumer and International Date posted 25/11/2019
Job Summary:Comprised of Disney’s international media businesses and the Company’s various streaming services, the Direct-to-Consumer and International (DTCI) segment aligns technology, content and distribution platforms to expand the Company’s global footprint and deliver world-class, personalized entertainment experiences to consumers around the world.
The Walt Disney Company’s Direct-to-Consumer and International segment (DTCI) is a global, multiplatform media, technology and distribution organization for high-quality content created by Disney’s Studio Entertainment and Media Networks groups.
DTCI includes Disney’s international media operations and the Company’s direct-to-consumer businesses globally, including the upcoming Disney-branded direct-to-consumer streaming service, the Company’s ownership stake in Hulu, and the ESPN+ sports streaming service, programmed in partnership with ESPN. BAMTECH Media, developer of the ESPN+ and Disney-branded streaming platforms, oversees all consumer-facing digital technology and products across the Company as part of the Direct-to-Consumer and International segment.
The Cyber Security team at Disney Direct to Consumer and International (DCTI) is the cornerstone for ensuring that our guest data is secure when interacting with our applications, products and online systems. We partner with teams across DCTI enabling them to make the strategic decisions they need based on authoritative security risk analysis. We are a team of hackers, advisors/mentors, security focused engineers and guides, ensuring that we find the bugs but also providing practical solutions and guidance to ensure the software is always deployed securely and effectively.
The Director, Application Security is a key member of the Direct to Consumer & International (DTCI) Information Security leadership team and responsible for the strategy and execution of the product & application security program which includes security reviews & testing.
This position requires a strategic leader with strong collaboration skills, detailed working knowledge of security technologies and best practices, and familiarity in leading a distributed team to effectively managing risks for a complex business environment.
- Lead the development and execution of application security strategies to continuously enhance our security posture as the threat landscape evolves.
- Oversee the Product & Application Security program including identifying, assessing, and driving remediation of vulnerabilities.
- Mature and help implement Threat Modeling capability with SDLC and application development efforts.
- Direct periodic penetration testing of the network and applications to identify risk areas.
- Define formal security standards and practices consistent with enterprise security policy, legal, regulatory requirements, and industry best practices.
- Develop and maintain partnerships with key vendors to ensure that all technology and services roadmaps are leveraged and aligned.
- Serve as Subject Matter Expert to internal and external business & technology teams and articulate risks in business context.
- Stay current on market developments to identify emerging security technologies, risks and trends to ensure that DTCI computing environment keeps pace with security technology and risk landscape evolution.
- 10+ years of experience in information security with demonstrated experience in building, implementing and continuous maturing of leading security programs
- 5+ years of management experience that includes overseeing direct reports
- Demonstrated ability in leading technical teams.
- Demonstrated competency in strategic thinking and leadership.
- Ability to work in a dynamic, fast paced environment with limited direction and change oriented where the individual actively defines process improvements, champions and drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities and executes accordingly
- Demonstrated technical abilities across a broad range of technologies: Windows, Linux, relational databases (Oracle, MS SQL, etc.), NGFW, secure web gateways, endpoint security, vulnerability scanners, SIEM, virtualization and cloud computing
- Proven experience in application security assessments, testing and secure code reviews
- Proven experience with software development methodologies, including waterfall, agile, DevSecOps
- Previous experience in leading red and blue team exercises
- Proven project management and organizational skills, specifically managing multiple, concurrent projects
- Demonstrated customer focus where the individual evaluates decisions through the eyes of the customer, builds strong customer relationships, creates processes with customer view point, partners with customers to shape future state products and strategy
- CISSP, GIAC GCIA and GIAC GCIH certifications desired
- Bachelor's or Master's Degree in Information Systems, Computer Science or related discipline is highly desired
About Direct-to-Consumer and International:
Comprised of Disney’s international media businesses and the Company’s various streaming services, the Direct-to-Consumer and International segment aligns technology, content and distribution platforms to expand the Company’s global footprint and deliver world-class, personalized entertainment experiences to consumers around the world. This segment is responsible for The Walt Disney Company’s direct-to-consumer businesses globally, including the ESPN+ sports streaming service, programmed in partnership with ESPN; the upcoming Disney-branded direct-to-consumer streaming service; and the Company’s ownership stake in Hulu. As part of the Direct-to-Consumer and International segment, Disney Streaming Services, developer of the ESPN+ and Disney-branded streaming platforms, oversees all consumer-facing digital technology and products across the Company.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with ESPN Technology Services, Inc., which is part of a business segment we call Direct-to-Consumer and International.
ESPN Technology Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Watch Our Jobs
Sign up to receive new job alerts and company information based on your preferences.