Senior Security Engineer---Devops
Burbank, California, United StatesApply NowApply Later
Job ID 788486BR Location Burbank, California, United States Business The Walt Disney Company (Corporate) Date posted May. 12, 2021
Job Summary:At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We are here to protect the brand and reputation while enabling and supporting the business units. GIS teams are located in Seattle, Glendale, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats, as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets;
- Creation, maintenance, governance and communication of security policies and standards across TWDC;
- Assessment and audit of compliance against the security policies and standards;
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria.
Security Assurance Services delivers a variety of services across TWDC to help find, fix, and avoid critical application security vulnerabilities and gain deep insight into the effectiveness of the integrated preventative and detective controls intended to protect our most valued cyber assets.
Automated assessment service is automated, light-touch assessment service which efficiently catches any unintended or high-risk errors that may result in exploitable vulnerabilities in TWDC's internet presence to reduce the risk associated with the most-severe and most-easily-verified application vulnerabilities.
Secure development service is an enterprise assessment service provides set of tools and processes intended to build security into application development life providing secure consulting, scanning, code review, training, vulnerability root cause analysis, remediation support, and performance measurement.
We are a highly versatile and technical team spanning all aspects of the application development cycle and experts in all lifecycle methodologies, especially sec/devops.
Responsibilities:The Senior Security Engineer, Security Assurance is responsible maintaining and improving assessment services, including but not limited to:
- Automated assessment platforms – Design and implement new automated security assessment tools and orchestration platform, maintain and upgrade current tools and platforms to achieve higher performance
- Secure SDL enhancement - Review and survey new development patterns, assess the current secure SDL pipeline coverage against new patterns and drive improvement to current service offering
- Service delivery - Support devOp engineers, security engineers and developers to ensure service is delivered within SLA such as CI/CD pipeline integration, security assessments or source code reviews
Service delivery - Support devOp engineers, security engineers and developers to ensure service is delivered within SLA such as CI/CD pipeline integration, security assessments or source code reviews
- Minimum 3 years in technology organizations, with 5 years of application development work experience supporting a moderate to large organization.
- Minimum 5 years of experience with Java, proficient in Hibernate, AngularJS, Spring Framework, Bootstrap, Java Message Service, ActiveMQ, Quartz Job Scheduler, Apache Velocity Template
- Minimum 2 years of python experience, proficient Django or Flask
- Experience with database, (e.g. NoSQL, MySQL, MongoDB, Redis, Elastic, PostgreSQL) including being able to perform basic setup, configuration, and troubleshooting.
- Experience with all stages of secure SDL, across threat modeling, requirements, static, dynamic, business logic testing, training and response
- Experience building unit / QA testing
- Experience with containers such as docker or Kubernetes
- Experience with deploying applications to AWS environment and comfortable working in Linux environment
- Ability to communicate effectively with developers, operations, and middle management.
- Passion for application security
Preferred Qualifications:• Experience with CouchDB
• Experience with data science / data engineering
• Experience with modern application development pattern with AWS
• Background in penetration testing or delivering secure SDL service
Required EducationRequired: BS in computer science or computer science related field, or equivalent military experience
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status or any other basis prohibited by federal, state or local law. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.