Skip to main content

Content Security Staff Engineer

Apply NowApply Later NOTE: We have a new application system, please create a new account if you have not done so yet when applying. Job ID 10008450 Location Glendale, California, United States Business Studios Content Date posted Jul. 25, 2022 Flex Type Hybrid

- This role is considered hybrid, which means the employee will work a portion of their time on-site from a Company designated location and the remainder of their time remotely.

Job Summary:

Staff Engineer, Content & Information Security

The Staff Engineer, Content & Information Security, reports into the Senior Manager of Application and Cloud Security at The Walt Disney Studios based in Burbank.  This role is part of the team that is responsible for validating that our content creation and delivery platforms, services, applications, workflows, and websites are designed and implemented to the highest security standards.  You will be responsible for assisting in the secure design and analysis of the security of cloud-based infrastructures where studio content is produced.  This is a deeply technical role, requiring a solid understanding and experience implementing a variety of cloud infrastructure solutions and services, as well as network security, identity, cyber security, privileged access, and related technologies, using solid design principles.

Overall responsibilities

  • Lead cloud infrastructure security assessments on studio production content related services, applications, platforms and workflows
  • Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components and help product teams identify solutions that meet security requirements.
  • Review security test results from vulnerability scans, penetration testing for true positives and propose appropriate remediation measures or mitigation controls
  • Serves as security technical lead resource and subject matter expert (SME) across all Studio content platforms and services for operational, enhancement, and related activities.
  • Partner with the business and engage in secure technical design of cloud solutions based on use cases and business requirements
  • Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations
  • Serves as security technical lead resource and subject matter expert (SME) across all Studio content platforms and services for operational, enhancement, and related activities.
  • Interfaces with IT mission partners, including Networking, Architecture, and Project Delivery, to deliver content security business value
  • Establishes and maintains good working relationships with all team members, partners, and customers.
  • Advocates for new/enhanced Security services on behalf of customers
  • Understands what vulnerabilities are and how to assist teams in remediation of them.
  • Contributes requirements to technology selection process
  • Stay abreast of emerging technologies and threats as well as proactively assess and evaluate the adoption thereof into the organization
  • Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment
  • Support studio partners, in the testing and deployment phases of all security solutions initiatives, to ensure smooth operational knowledge development and transition.
  • Collaborate with studio partners to ensure all new Security technology deployments include appropriate support documentation and that Security Operations team members are fully trained to take responsibility for monitoring, ongoing support, routine engineering, and operation of the new security technology.
  • Develop and expand API framework to interconnect Security Tools
  • Responsible for input and feedback on security architectures
  • Apply adept understanding and experience with systems automation platforms and technologies
  • Engage in efforts that shape the organization’s security policies and standards for use in cloud environments
  • Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers
  • Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls
  • Collaborate with application development and infrastructure teams to deliver creative solutions to difficult technology challenges and business requirements
  • Provide subject matter expertise on information security architecture and systems engineering to other IT and business teams
  • Responsible for automating security controls, data and processes to provide improved metrics and operational support
  • Employ cloud-based APIs when suitable to write network/system level tools for safeguarding cloud environments
  • Spot and execute new security technologies and best practices into the company’s cloud offerings.
  • Mentor Security personnel, to help develop others and to highlight any coverage or skills gaps.
  • Must be able to contribute or build policies and procedures around Cloud Security.
  • Perform cross-functional troubleshooting of complex issues, as required
  • Adhere to all policies, rules, regulations, and procedures.
  • Perform other duties or functions as requested by management.

Experience and qualification

  • 6-10 Years of experience in cybersecurity and cloud infrastructure engineering/architecture with MS/BS degree in Information System management / Computer Science / Information Security or a related technical discipline
  • Significant penetration testing experience and offensive capabilities in numerous core competency areas including web applications, mobile applications, networks, cloud infrastructure
  • Experience and hands-on expertise in tuning of network sensors like IDS/IPS, DDOS, WAF Technologies.
  • Domain expertise of network security sensors such as IDS/IPS, cloud security access broker, DDOS protections, Open DNS, Cloud9, CDN’s etc.
  • Detailed understanding of Network Technologies Routers, switches, Load Balancers, firewalls, proxy etc.
  • Detailed proficiency with Linux and Windows.
  • In depth understanding of TCP/IP protocols.
  • Experience with PKI, SSL, SSH, HTTPS etc.
  • Knowledge of RESTful web services (client – server application).
  • Hands on knowledge of Automation skills, Dev Ops skills etc.
  • System admin - Red Hat Linux/Unix, Windows – Experience and knowledge is mandatory.
  • Software development domain and principles, including design patterns, code structure, programming languages, continuous integration (Git), continuous deployment (Travis/Jenkins), and deployment orchestration (Chef, puppet, or equivalent).
  • Experience with open-source software security sensors (Bro IDS, Suricata, Snort, Molach etc.).
  • Experience with network protocols and deep packet inspection.
  • Experience with micro services.
  • Experience with container technologies such as Kubernetes and Docker.
  • Proven experience delivering large scale, highly available security solutions.
  • In-Depth Knowledge of Public Cloud such as AWS, Azure and GCP.
  • Relevant security certifications such as OSCP, ISC2 CISSP, SANS, CEH, etc. are a major plus.

Required skills

  • Must have excellent presentation and written/verbal communication skills
  • Experience in technical project management/leading large-scale technology initiatives
  • Strong analytical, organizational and decision-making skills
  • Willingness to travel occasionally domestically
  • Excellent leadership and teamwork skills
  • Strong negotiator, self-motivated, and outgoing
  • Proven track record of driving application security assessments for an organization

Job-Related Education

  • Bachelor's degree in Computer Science, Information Systems, IT Engineering, or a related field
  • AWS-SAA, AWS-CSS, AZ-500, MS-500, AZ-300, CCA, CCP, CCSK, Cloud+, CEH, Pentest+, Linux+, Network+, LPIC-1, GSEC, GCIH, HashiCorp Associate, MCSE, VCP-CMA



Additional Information!:


About Studios Content:

The Studios Content group encompasses a collection of world-class entertainment studios that produce high-quality cinematic storytelling for both theatrical and streaming release. It is also home to Disney Theatrical Productions, producer of popular stage shows on Broadway and around the world.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Walt Disney Pictures, which is part of a business we call Studios Content.

Walt Disney Pictures is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Apply NowApply Later

Watch Our Jobs

Sign up to receive new job alerts and company information based on your preferences.

For Disney Job Alerts to work, JavaScript must be enabled in your browser.