Staff Engineer, Content & Information at The Walt Disney Company (Greater LA Area)

| Greater LA Area | Hybrid
Employer Provided Salary: $136,038-$182,490 Annually
Salary data is provided by the employer. Please note this is not a guarantee of compensation.
Sorry, this job was removed at 11:26 p.m. (CST) on Thursday, August 10, 2023
Find out who's hiring in Los Angeles, CA.
See all Cybersecurity + IT jobs in Los Angeles, CA
By clicking Apply Now you agree to share your profile information with the hiring company.
The Staff Engineer, Content Security, reports into the Director of Application and Cloud Security at The Walt Disney Studios based in Burbank. This role is part of the team that is responsible for validating that our content creation and delivery platforms, services, applications, workflows, and websites are designed and implemented to the highest security standards. You will be responsible for assisting in the secure design and analysis of on-premise and cloud-based infrastructure and applications where studio content is produced. This is a deeply technical role, requiring a solid understanding and experience implementing a variety of cloud infrastructure solutions and services, as well as network security, identity, cyber security, privileged access, and related technologies, using solid design principles.
  • Conduct security architecture and design reviews of Disney and 3rd party managed applications and cloud infrastructure, documenting issues related to infrastructure, application and content security.
  • Lead in-depth security assessments of complex workflows spanning multiple applications, performing and/or coordinating multiple security assessment workstreams such as threat modeling, penetration testing, DAST scanning, and code review.
  • Review output from Dynamic Application Security Testing (DAST) tools executed by junior engineers, and provide feedback on results.
  • Evaluate the security posture of cloud environments through manual review and automated tooling. Review output from Cloud Security Posture Management (CSPM) tools. Provide guidance to junior engineers as to the results of each scan and approaches to remediating issues.
  • Conduct hands-on security testing of web, mobile applications and cloud-based services. Be capable of identifying traditional application-level issues such as injection, authentication and misconfiguration vulnerabilities, but also identify vulnerabilities that lead to bypass of content security controls.
  • Maintain current knowledge of security threats and vulnerabilities that could impact products and their technology stack components and help product teams identify solutions that meet security requirements.
  • Contribute to technical deep dive meetings with both internal and external application teams. Document in detail the technical stack and security features of products or services being discussed.
  • Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations and security requirements.
  • Serve as a point of escalation/mentor for junior engineers, and provide guidance on use of DAST, SAST, CSPM tools and application/cloud security best practices. Participate in the evaluation of security tools used across the organization.
  • Participate in meetings with corporate security and other security partners across the company and studios, and provide input on tactics or strategies for consuming shared services provided by these teams.
  • Document secure configuration guidance for products being assessed, clearly and concisely identifying key product features used to secure studio content.
  • Establish and maintain good working relationships with all team members, partners, and customers.
  • Stay abreast of emerging technologies and threats as well as proactively assess and evaluate the adoption thereof into the organization.
  • Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment.
  • Support studio partners, in the testing and deployment phases of all security solutions initiatives, to ensure smooth operational knowledge, development and transition.
  • Engage in efforts that shape the organization's security policies and standards for use in cloud environments.
  • Interpret security and technical requirements into business requirements and communicate security risks to relevant stakeholders ranging from business leaders to engineers.
  • Direct and influence multi-disciplinary teams in implementing and operating Cyber Security controls.
  • Collaborate with application development and infrastructure teams to deliver creative solutions to difficult technology challenges and business requirements.
  • Employ cloud-based APIs when suitable to write network/system-level tools for safeguarding cloud environments.
  • Spot and execute new security technologies and best practices into the company's cloud offerings.
  • Adhere to all policies, rules, regulations, and procedures.
  • Perform other duties or functions as requested by management.

Basic Qualifications
  • 7 - 10 Years of experience in cybersecurity and cloud infrastructure engineering/architecture with MS/BS degree in Information System Management / Computer Science / Information. Security or a related technical discipline.
  • Significant penetration testing experience and offensive capabilities in numerous core. competency areas including web applications, mobile applications, networks, cloud and infrastructure.
  • Basic knowledge of content security controls such as DRM, and visible and forensic watermarking is required.
  • Detailed understanding of Network Technologies Routers, switches, Load Balancers, firewalls, proxy etc.
  • Solid understanding of network and security protocols including TCP/IP, IPSEC, SSL, TLS and HTTPS.
  • Knowledge of RESTful web services (client-server application).
  • Strong familiarity with CI/CD principals, tools and services.
  • Knowledge of and experience in the area of security operations is a plus.
  • Experience of and securing a microservices environment is a requirement. Along with demonstrable knowledge of container technologies such as Kubernetes and Docker and securing such environments.
  • Working knowledge of languages including JavaScript, Python and Java.
  • Proven experience securing large-scale, highly available security solutions is required.
  • In-Depth Knowledge of Public Cloud such as AWS, Azure and GCP.
  • Relevant security certifications such as OSCP, ISC2 CISSP, SANS, CEH, etc. are a major plus.

Preferred Qualifications
  • Must have excellent presentation and written/verbal communication skills.
  • Strong analytical, organizational and decision-making skills.
  • Willingness to travel occasionally.
  • Self-motivated, and outgoing.
  • Proven track record of driving application security assessments for an organization.

Required Education
Bachelor's degree in Computer Science, Information Systems, IT Engineering, or a related field
CISSP, SANS, CEH, AWS-SAA, AWS-CSS, AZ-500, MS-500, AZ-300, CCA, CCP, CCSK, Cloud+, CEH, Pentest+, Linux+, Network+, LPIC-1, GSEC, GCIH, HashiCorp Associate, MCSE, VCP-CMA
The hiring range for this position in California is $136,038 to $182,490 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
    • C++Languages
    • JavascriptLanguages
    • PHPLanguages
    • PythonLanguages
    • ScalaLanguages
    • SqlLanguages
    • SwiftLanguages
    • Backbone.jsFrameworks
    • DjangoFrameworks
    • HadoopFrameworks
    • JSFFrameworks
    • MeteorFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks

An Insider's view of The Walt Disney Company

How does the company support your career growth?

Over my 13 years with the company, I’ve had passionate leaders and colleagues with diverse backgrounds who have taught me and given me opportunities to expand into areas I never thought possible. You have the freedom to take career risks and apply your previous experience in ways you may not anticipate.


Product Management Director

What is your vision for the company?

Disney has always been at the heart of the evolution of the media industry, and technology is an essential part of that. The way that we tell and consume stories in the future is going to be completely different than it is today, and The Walt Disney Company is uniquely positioned to shape and create that future.


SVP/Chief Technology Officer, The Walt Disney Studios

What are The Walt Disney Company Perks + Benefits

The Walt Disney Company Benefits Overview

Because our employees and cast members are at the heart of everything we do, Disney offers a competitive total rewards package that includes pay, health and savings benefits, time-off programs, educational opportunities and more. Together, these rewards make up a comprehensive package that help you live your best life, grow personally and professionally and take advantage of the special extras that only Disney can provide.

Eligibility for certain reward programs will vary based on your job status, work location and/or the terms of any applicable collective bargaining agreement.

Volunteer in local community
Partners with nonprofits
Dedicated diversity and inclusion staff
Diversity employee resource groups
Hiring practices that promote diversity
Health Insurance & Wellness Benefits
Dental insurance
Vision insurance
Health insurance
Life insurance
Mental health benefits
Financial & Retirement
401(K) matching
Charitable contribution matching
Child Care & Parental Leave Benefits
Childcare benefits
Generous parental leave
Vacation & Time Off Benefits
Generous PTO
Paid holidays
Paid sick days

More Jobs at The Walt Disney Company

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about The Walt Disney CompanyFind similar jobs like this