Job Posting Title:

Senior Security Engineer - Security Assurance

Req ID:

10112355

Job Description:

Who We Are:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

Secure the Magic by protecting information systems and platforms.

Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

Strengthen the business through optimizing execution, application, and technology used to protect the Company.

Innovate by investing in core capabilities to enhance operational efficiency.

What You Will Do:

We are hiring!  We need a Senior Security Engineer – Security Assurance to join our Disney Experience (DX) Security Research & Testing (SRT) Team!

You will focus on performing advanced cyber security testing and developing and executing advanced cybersecurity testing strategies to safeguard DX’s digital ecosystems.  This includes safe-guarding and testing computer systems, networks, and applications, against malicious threats. You will also be responsible for identifying vulnerabilities in existing systems, recommending solutions, and driving the implementation of robust security measures. 

Key responsibilities include:

Conduct hands-on testing to identify exploitable weaknesses, guiding application and system owners in implementing security controls, and effectively communicating findings to stakeholders.

Collaborate closely with developers, system administrators, and other security teams to remediate vulnerabilities and strengthen the overall security posture. 

Core Testing: Perform advanced cybersecurity testing, including penetration testing, and adversarial simulations, across Disney Experience technology ecosystems. 

Identify, exploit, and document vulnerabilities in applications, networks, APIs, and infrastructure. 

Develop proof-of-concept attacks to demonstrate risks and educate stakeholders. 

Must Have 

Minimum of 5+ years of related IT security testing experience such as Penetration Testing, Adversarial Testing, Red Team Testing 

Proven experience conducting comprehensive cyber security testing of technology solutions within large-scale, complex, and dynamic IT environments. 

Proficient in system hardening testing for operating systems (Windows, Linux, macOS). 

Experience with Cloud Solutions (Azure, GCP, AWS) and Software as a Service (SaaS) solution.

Strong knowledge of network devices (routers, switches, firewalls) and their secure configurations, and configuration management & auditing tools.

Solid understanding of security frameworks and standards (NIST, CIS). 

  

Nice to Have

OffSec or other advanced security testing certifications

Major cloud provider platform certification (e.g. AWS Solution Architect, Google Cloud Engineer, Microsoft Solution Architect, etc.) 

Education

Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

Security accreditation (e.g., CISSP, GCIH, CISM, GSEC, CEH, etc.) 

#DISNEYTECH

Job Posting Segment:

Enterprise Technology

Job Posting Primary Business:

Corporate Global Information Security

Primary Job Posting Category:

Security Engineering

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Orlando, FL, USA

Alternate City, State, Region, Postal Code:

Date Posted:

2025-02-08