Sr Security Engineer - Incident Response

Orlando, FL | Hybrid
Sorry, this job was removed at 1:31 p.m. (CST) on Saturday, November 6, 2021

Job Summary: The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle WA, Burbank CA, Bristol CT, and Orlando FL.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:

  1. Analysis of known and emerging threats to determine risks against TWDC assets
  2. Creation, maintenance, governance & communication of security policies and standards across TWDC
  3. Assessment and audit of compliance against the security policies and standards
  4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria

Responsibilities:

Implement and Deliver the Incident Response Service

  • Conduct and lead incident response activities (triage, communications, containment, eradication, root cause determination, etc.) consistent with defined Incident Response processes and procedures
  • Perform in-depth analysis (e.g. log review) for security incidents involving various data and media types through the application of advanced methods, tools, and research techniques
  • Comprehensively document and track Incident Response actions in defined platforms/tools
  • Create, develop, and update Knowledge Base articles, runbooks/playbooks, processes, & procedures
  • Function as an escalation point for Notable items detected by SIEM, SOC, and other detection tools requiring analysis
  • Monitor internal and external threats; examine logs, events, and alerts generated by multiple platforms for anomalous, unwanted activity, or other suspicious conditions that may result in an Information Security incident
  • Prepare and/or deliver briefings, reports, and/or presentations to leadership, team members, and security partners on ongoing activities, items, concerns, etc. as they relate to Information Security incidents and/or potential systemic Information Security concerns
  • Develop, foster, and maintain strong working relationships with the extended Incident Response team and key partners


Develop and Maintain Segment Relationships

  • Act as a liaison between InfoSec and Disney Media & Entertainment Distribution (DMED) organization
  • Engage with key stakeholders, evangelize the TWDC Incident Response Plan, and identify segment-specific requirements
  • Identify opportunities, deficiencies, and other areas for improvement in incident response readiness such as gaps in logging, access, or process. Partner with area owners to drive/own remediation
  • Generate/lead presentations, metrics, and other deliverables to both technical and exec populations


Perform other Functions

  • Compile and analyze both internal and external data in order to author threat assessment reports, security readiness position papers, etc.
  • Establish and leverage both internal and external relationships to obtain cyber threat information with context for how it impacts TWDC
  • Maintain currency with external trends, reports, research, etc. to maintain an effective security posture
  • Provide input, trends or analytical support to the Enhanced Detection team to discover anomalous traffic, behaviors or patterns related to new threat activity, policy violations, etc.
  • Support the eDiscovery team in the process of searching, locating, processing, reviewing, and securing data with the intent to use it as evidence for legal cases
  • Collaborate with the Security Awareness team to help identify and support the development of new security training material based on lessons learned or new emerging issues
  • Provide analytical support and/or other input to facilitate Sensitive Information Protection, Insider Risk, Employee Relations, Legal, or Human Relations efforts


Facilitate or Conduct Forensic Analysis

  • As needed or required, conduct or facilitate the collection of forensic images/evidence files
  • Conduct system forensic examination to determine root cause of an issue
  • Develop or review formal forensic examination reports for publishing or distribution


Basic Qualifications:

  • 7 years of practical technology experience - 5 years of which in an information security discipline
  • Knowledge of information security components, principles, practices, and procedures
  • Knowledge of web application, infrastructure, and Internet security along with a general understanding of common operating systems, networking protocols, database, and application development
  • Experience in digital analysis, such as log review, computer, or network forensics
  • Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment. Ability to rapidly assess a situation and identify, isolate and communicate problems and issues
  • Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists
  • Ability to investigate complex scenarios and solve problems
  • Strong technical writing skills
  • Willingness to participate in an on-call rotation, including the possibility of working nights, weekends, and/or holidays as required by incident response activities
  • Ability to function both independently and as part of a team


Preferred Qualifications:

  • Prior experience as a SOC Analyst, Incident Responder, or Forensic Analyst
  • Python or other scripting languages
  • Experience with building Splunk queries and dashboards
  • Experience with data manipulation and querying in a Linux environment (e.g., sed, awk, grep, etc.)
  • Experience with cloud-based systems (AWS, Azure, GCP) from both an operational and response perspective


Preferred Education

  • BA/BS in information technology, computer science, computer engineering or equivalent
  • CISSP, SANS GIAC (GCIA, GCIH, GCED, GCFA, GSEC)



Technology we use

  • Engineering
    • Languages: C++, JavaScript, PHP, Python, Scala, SQL, Swift
    • Frameworks: Backbone.js, Django, Hadoop, JSF, Meteor, Node.js, Ruby on Rails

An Insider's view of The Walt Disney Company

How does the company support your career growth?

Over my 13 years with the company, I’ve had passionate leaders and colleagues with diverse backgrounds who have taught me and given me opportunities to expand into areas I never thought possible. You have the freedom to take career risks and apply your previous experience in ways you may not anticipate.

Chase

Product Management Director

What is your vision for the company?

Disney has always been at the heart of the evolution of the media industry, and technology is an essential part of that. The way that we tell and consume stories in the future is going to be completely different than it is today, and The Walt Disney Company is uniquely positioned to shape and create that future.

Jamie

SVP/Chief Technology Officer, The Walt Disney Studios

What are The Walt Disney Company Perks + Benefits

The Walt Disney Company Benefits Overview

Because our employees and cast members are at the heart of everything we do, Disney offers a competitive total rewards package that includes pay, health and savings benefits, time-off programs, educational opportunities and more. Together, these rewards make up a comprehensive package that helps you live your best life, grow personally and professionally and take advantage of the special extras that only Disney can provide.

Eligibility for certain reward programs will vary based on your job status, work location and/or the terms of any applicable collective bargaining agreement.

  • Culture
    • Volunteer in local community
    • Partners with nonprofits
  • Diversity
    • Dedicated diversity and inclusion staff
    • Diversity employee resource groups
    • Hiring practices that promote diversity
  • Health Insurance & Wellness Benefits
    • Dental insurance
    • Vision insurance
    • Health insurance
    • Life insurance
    • Mental health benefits
  • Financial & Retirement
    • 401(K)
    • 401(K) matching
    • Charitable contribution matching
  • Child Care & Parental Leave Benefits
    • Childcare benefits
    • Generous parental leave
  • Vacation & Time Off Benefits
    • Generous PTO
    • Paid holidays
    • Paid sick days