Sr. Application Security Engineer
Bristol, CT - USApply Now Apply Later
Job ID 724961BR Location Bristol, Connecticut, United States; Seattle, Washington, United States Business Direct-to-Consumer and International Date posted 22/11/2019
Job Summary:The Cyber Security team at Disney Direct to Consumer and International (DTCI) is the cornerstone for ensuring that our guest data is secure when interacting with our applications, products and online systems. We partner with teams across DTCI enabling them to make the strategic decisions they need based on authoritative security risk analysis. We are a team of hackers, advisors/mentors, security focused engineers and guides, ensuring that we find the bugs but also providing practical solutions and guidance to ensure the software is always deployed securely and effectively.
Responsibilities:Drive secure development practices by:
- Analyzing source code, both with manual and automated tools for security related weaknesses and common problems
- Performing manual and automated analysis on applications using open source and custom tools
- Proactively testing using a mix of static and dynamic application security tests (SAST and DAST)
- Preparing summary security review reports which quantify and communicate the risk of the vulnerabilities
- Partner with development teams to ensure risk is understood as well as to track and validate all remediation tasks
- Analyzing processes and toolsets, continuously identify areas for automation and improvement
- Assisting in tools and dashboards development
- Authoring white papers and standards ensuring best practices are documented and easily understood by the development community
- Mentoring junior members of staff
- Speaking the engineering team’s language and demonstrating real, practical risk and value
- Being an ambassador for the security team, building relationships with the development teams security specialists to make certain they engage early and often ensuring security is an enabler not a blocker
- Thorough understanding of authentication/authorization principles
- Thorough understanding of encryption principles and key management
- Thorough understanding of how production software is written, built, deployed and maintained
- Ability and drive to quickly automate and build tools (Python preferred)
- Experience in development across multiple platforms (Web, TV Consoles, Mobile, etc.)
- Experience in securing solutions in the cloud
- Basic networking knowledge and experience
- In-depth knowledge of one or more of the following: Java, Python, JS/Node, PHP, C#
- Demonstrated ability to work under pressure and be effective in ambiguous situations
- Keen attention to detail with good verbal and written communication skills
- Strong commitment to customer service and product enablement
- Thirst for knowledge and constant learning to stay up to date with the threat landscape
- Remains productive while rapidly switching context
- Team player who can work with a wide variety of personalities across remote locations
- Comfortable working in a dynamic environment and developing flexible solutions to meet evolving business requirements
- Ability to multitask and prioritize work requirements aligned with senior leadership direction
About Direct-to-Consumer and International:
Comprised of Disney’s international media businesses and the Company’s various streaming services, the Direct-to-Consumer and International segment aligns technology, content and distribution platforms to expand the Company’s global footprint and deliver world-class, personalized entertainment experiences to consumers around the world. This segment is responsible for The Walt Disney Company’s direct-to-consumer businesses globally, including the ESPN+ sports streaming service, programmed in partnership with ESPN; the upcoming Disney-branded direct-to-consumer streaming service; and the Company’s ownership stake in Hulu. As part of the Direct-to-Consumer and International segment, Disney Streaming Services, developer of the ESPN+ and Disney-branded streaming platforms, oversees all consumer-facing digital technology and products across the Company.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with ESPN Technology Services, Inc., which is part of a business segment we call Direct-to-Consumer and International.
ESPN Technology Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Watch Our Jobs
Sign up to receive new job alerts and company information based on your preferences.