Job Posting Title:

Manager, Red Team Operations

Req ID:

10112138

Job Description:

Who We Are

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

Secure the Magic by protecting information systems and platforms.

Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

Strengthen the business through optimizing execution, application, and technology used to protect the Company.

Innovate by investing in core capabilities to enhance operational efficiency.

What You Will Do

We Are Hiring! We are looking to build our Team by hiring a Manager, Red Team Operations!

The GIS Red Team performs real world threat emulation with the continual goals of improving organizational readiness, providing advanced simulation for defensive teams, and assessing current control performance for critical TWDC assets. The goal of the Red Team is to continually drive prioritized improvements across TWDC enhancing the cyber security posture of the organization as well as provide the most accurate insight into the effectiveness of cyber security controls intended to protect TWDC’s most valuable assets.

This role is responsible for leading a team of highly skilled cyber security professionals conducting offensive security assessment activities across TWDC. You will coordinate with senior leadership to plan, oversee execution of assessments, and grow the program portfolio for the Red Team. 

Responsibilities include:

Supervise Red Team Operators, provide mentoring and coaching opportunities, and grow technical and presenting skills.

Scoping with stakeholders and executive leadership to identify scenario objectives.

Manage Red Team Operation execution life cycle: (recon, initial access, lateral movement/privilege escalation, scenario objective, exfiltration).

Organize reports and metrics for senior management to capture and track team activities.

Lead program administration of stand ups, briefings, and deliverables.

Develop strategic planning and execution of resources for continuous engagements throughout the year.

Serve as a force multiplier, outside of GIS, to provide deep knowledge perspectives to enhance IT security controls across TWDC through the lens of the Red Team. 

Must Have

Minimum of 8+ years of experience in a Red Team/Penetration Testing activities

3+ years of experience in a Leadership role

Experience with leading Red Team Operations 

Experience with web application and network penetration testing

Experience working with assessments tools/frameworks like Burp, Nessus, Metasploit, Mimikatz, and Cobalt Strike

Experience customizing/developing in-house scripts and tooling

Experience working with scripting and development languages like Bash, Powershell, Python, Perl, Ruby, PHP, C/C++,C#, and Java 

In-depth knowledge of operating systems (Unix/Linux, Windows, and Mac)

In-depth knowledge of networking protocols and systems administration

One or more of the following certifications:

OSCP – Offensive Security Certified Professional

GPEN – GIAC Penetration Tester

GIAC – GIAC Web Application Penetration Tester

Education

Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

#DISNEYTECH

The hiring range for this remote position is $145,000-$223,600 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Job Posting Segment:

Enterprise Technology

Job Posting Primary Business:

Corporate Global Information Security

Primary Job Posting Category:

Security Engineering

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Burbank, CA, USA

Alternate City, State, Region, Postal Code:

Date Posted:

2025-02-12