Sr Security Specialist, Sec Assurance
Burbank, CA - USApply Now Apply Later
Job ID 748957BR Location Burbank, California, United States Business The Walt Disney Company (Corporate) Date posted Feb. 28, 2020
Job Summary:At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets
- Creation, maintenance, governance and communication of security policies and standards across TWDC
- Assessment and audit of compliance against the security policies and standards
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
The Walt Disney Global Information Security - Assurance Services Team’s mission is to deliver expert-level, real world penetration testing to gauge security and privacy controls across The Walt Disney Company. Further our mission is to build and deliver services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production. We are looking for a candidate who at a minimum possess deep knowledge web application security assessment skills and also seeks opportunities for their experience and skills to be applied beyond myopic penetration testing activities. If you seek an opportunity to work with some of the sharpest professionals in the field and play a larger role in driving solutions to improve application security at one of the most innovative and advanced technological entertainment companies in the world, then this position might be for you.
- In-depth knowledge of networking protocols and systems administration
- Expert level web application, API’s and network penetration testing skills
- Familiar with penetration testing applications in the major cloud providers
- Experience customizing/developing in-house scripts and tooling
- Penetration Testing Execution Standard Automation Framework (PTES)
- Experience working with assessments tools/frameworks OWASP ZAP, Burp Suite, NMAP, Mass Scan, Nessus, Metasploit, Mimikatz,Tenable IO, Qualys, Kali Linux, SQLMap and manual tools
- Provides situation based support, using in-depth knowledge of TWDC technology, to ensure systems are designed in accordance with and are aligned with Company security requirements; includes architecture assessments, secure development training, and conducting RTOs
- Develops technical monitoring, assessment and response solutions that meet current specifications
- Reviews and presents reports (e.g., penetration test results, incident response metrics, forensics, network monitoring metrics), position papers, assessment recaps to team (peers) and next level of leadership within team
- Executes advanced risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents
- 3 years in Information Security Field
- Experience working with scripting and development languages like Bash, PowerShell, Python, Perl, Ruby, PHP, C/C++,C#, or Java
- In-depth knowledge of operating systems (Unix/Linux, Windows, and Mac)
- GPEN - GIAC Penetration Tester
- 5 years in Information Security Field
- OSCP - Offensive Security Certified
- GXPN - Exploit Researcher and Advanced Penetration Tester
- GWAPT - Web Application Penetration Tester
- BA/BS in business or computer science or appropriate work experience
- Degree educated or equivalent, preferably in a computer science related subject
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Watch Our Jobs
Sign up to receive new job alerts and company information based on your preferences.