Skip Navigation
Find job opportunities in other countries japen-menu Back
Choose a Language

Help tell our stories in the most innovative ways!

Sr. Security Specialist

Apply Now Apply Later Job ID 598159BR Location New York, New York, United States Business Marvel Entertainment Date posted Oct. 02, 2018

Job Summary:

We are looking for seasoned Information Security Professional with 7+ years of experience in security operations, application development security, infrastructure security, security risk assessments, audits, compliance, governance, high-level risk management.

Responsibilities:

  • Security architecture design, administration, and support for ongoing IT and Web initiatives
  • Provide security protection to company’s information technology systems and data
  • Security risk assessment and remediation for business processes, enterprise infrastructure and applications
  • Conduct periodically risk assessments, vulnerability assessments and threat analyses to be able identifying and managing associated risks
  • Develop and facilitate deployment of information security governance documents: policies, frameworks, programs, procedures, and audits
  • Define, develop, and implement security models for Intellectual Rights Management, data confidentiality classification
  • Proactively monitor security threats and vulnerabilities; event management and logging, identify and prevent potential intrusions using SIEM, DLP, IPS/IDS, other tools; advanced malware/Threat analysis and protection
  • Plan and execute security related projects, e.g., deploying new security solutions and best practices, providing guidance to company’s engineering and QA teams
  • Establish, monitor, evaluate and report key security performance and risk assessment indicators to provide management with accurate evaluation of the enterprise security state and the information security program effectiveness
  • Compliance assessment and reviews; alignment of security controls for business processes and applications with applicable regulatory governing documents like SOX, PCI, COPA, Safe Harbor, ISO 27001, OWASP
  • Develop and maintain User Security Awareness program,; organize and provide security training to employees, contractors, interns
  • Monitor and study relevant media and specialized vendor resources, provide assessment and recommendations to address emerging threats, vulnerabilities
  • Site Security Assessment of corporate premises, third parties, cloud services

Basic Qualifications:

  • A Bachelor or Master’s degree preferred, Computer Engineering or Computer Science; required at least 7 years of progressive information security experience
  • One of Major InfoSec Certifications (CISSP, CISM, SANS) is a must
  • Information Security Architecture
  • Integration with Business, Information, Technology architectures
  • Securing business processes, applications, and infrastructure
  • Security aspects for N-tiered application architecture and web based applications
  • Authentication, authorization, data confidentiality, non-repudiation, integrity, audit logging
  • Linux and Windows scripting, command line utilities (like Shell, Visual Basic, Perl, Python, awk)
  • Security policies and best practices; developing governance documents, certificate management
  • Identity management and role based user access control, end point security
  • Password management and SSO implementation
  • Network security, TCP/IP, DNS, DMZ, Firewalls, Application Firewalls (Web, XML, Database), best practice design and deployment; hardening hardware/software, secure VPN and FTP, Forward and reverse proxies
  • Virtualized, cloud, mobile environments, MDM
  • Security specifics in applications development and custom codes - PHP, ASP, Java, C# platforms
  • Hardening J2EE, Tomcat, Web servers (IIS, Apache)
  • Windows and Linux security models, basic administration and audit
  • Databases (Oracle, MS SQL) – audits, data encryption at rest and in transit
  • Browser security concepts (e.g. Tokens), risks (e.g. XSS); configuring SSL/TLS, PKI servers
  • LDAP (Oracle Sun One preferred), Active Directory, including administration and design of custom LDAP schemas
  • Vulnerability assessments and IT auditing
  • Incident response and digital forensics experience
  • Experience in organizing and leading projects with managed security service providers
  • Assess and manage Third parties Security

About Marvel Entertainment:

Marvel Entertainment, LLC, a wholly-owned subsidiary of The Walt Disney Company, is one of the world's most prominent character-based entertainment companies, built on a proven library of over 8,000 characters featured in a variety of media over seventy years. Marvel utilizes its character franchises in entertainment, licensing and publishing.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Marvel Entertainment, LLC, which is part of a business segment we call Marvel Entertainment.

Marvel Entertainment, LLC is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Apply Now Apply Later