Logo
The Walt Disney Company

Staff Content Security Engineer

The Walt Disney Company, Glendale, California, us, 91222

Save Job

The Content Security Staff Engineer reports into the Sr Manager of the Content Site Security program at The Walt Disney Studios based in Glendale, CA. The modern filmmaking process is highly complex with dependencies on an entire eco-system of 3rd party strategic partners, suppliers and vendors. This program provides assessment, consulting and advisory services to ensure the entire supply chain remains robust and resilient and allows The Walt Disney Studios' to securely create films, features and series seen across the world.

Responsibilities:

Run end-to-end Site Security assessments, specifically:

Contacting vendors to schedule and scope assessments

Understand the filmmaking process and various vendor workflows

Executing the assessment

Assess vendor against a set of over 300+ security controls

Identify intentional or unintentional misrepresentation of security compliance

Perform detailed inspection and analytics on various IT infrastructure configuration ranging from network, storage, endpoint devices, and cloud-based assets

Perform real-time validation against attestation and documentation provided by the vendor

Identifying risk areas and corresponding test procedure associated with each service type, content workflow, and underlying infrastructure

Analyze assessment findings and document risks accordingly

Documenting assessment result, accurately and precisely communicating requirements, and publishing the completed report

Reviewing and negotiating vendor proposed mitigation plans and timelines

Validating remediation implementation to ensure identified risks have been adequately addressed

Contribute to Content Security’s control framework which includes:

Writing controls that secure both physical and digital assets.

Drafting questions for Content Security’s questionnaire that help evaluate a vendor’s compliance to each control.

Creating applicability matrix for each new control.

Writing test guidance to effectively identify non-compliant implementations.

Contribute to secure configuration guides used to assess and lockdown a variety of technologies used by vendors including virtual sets and virtual headsets

Run proof-of-concepts to help optimize the assessment workflow, this includes testing new processes and tools designed to drive efficiency with our assessment methodology

Travel to offsite locations to address content security matters

Follow the progress of productions and deal with last minute requests such as the assessment of ADR locations used for last minute production needs

Basic Qualifications:

Bachelor’s degree and/or equivalent work experience

7 years of experience in information security and/or the following areas: security architecture, security engineering, production or network storage engineering, mobile device remote deployment and management, cybersecurity incident investigations, experience with cloud technologies

Ability to travel up to 25% domestically and/or internationally, as needed

Advanced knowledge of cloud security and infrastructure environments for popular cloud providers (AWS, Azure, GCP)

Prior experience in an architecture, development, engineering, or senior technical role

Experience providing product ownership for solutions supporting the Media & Entertainment industry

Ability to work in a highly distributed matrixed environment

Ability to adapt to new technologies and trends

Strong communication (written and verbal, including presentation) and listening skills

Strong documentation skills

Experience in technical project management/leading large scale technology initiatives

Strong analytical, organizational and decision-making skills

Strong negotiation skills

Broad technology expertise with application, system integration, data, and/or infrastructure knowledge

Storage solutions (e.g., SAN, NAS, encrypted storage devices, cloud cache and storage buckets)

Digital file transfer tools (e.g., Aspera, Signiant)

Centralized secure configuration of Linux, Windows, and Mac based servers and endpoints

Directory Services (e.g., Active Directory, Open Directory, LDAP)

Device management (e.g., Microsoft InTune, Jamf, Puppet, Ansible)

Change and patch management solutions (e.g., SCCM, Munki, PDQ Deploy)

OS hardening best practices for both servers and workstations

Endpoint protection and Data Loss Prevention solutions

Strong understanding of secure network principles of perimeter devices, servers, and workstations

Working knowledge of configuring and maintaining firewalls and network switching / routing devices (e.g., Palo Alto, Sonicwall, Fortinet, Brocade, Cisco, HP)

LAN, WAN, TCP/IP connectivity and security protocols (Point-to-Point, MPLS, VPN)

Network architecture and layer 2 and Layer 3 routing principles

Network authentication standards

Strong understanding of Infrastructure as a Service (IaaS) and Infrastructure as Code (IaC)

Expert knowledge in cloud security auditing tools

Working knowledge of configuring and maintaining cloud compute and storage nodes

Provisioning and deprovisioning cloud tenants

Working knowledge of Virtual Private Cloud (VPC) network access control lists

Working knowledge of Web Application Firewalls (WAFs)

Vulnerability scanning, SIEM and common methods of exploiting vulnerabilities

Computer investigation processes and techniques

Preferred Qualifications:

Degree in the following fields: Computer Science, Information Systems, IT Engineering, or a related field.

CISSP, CISA/CISM, or CEH designations

Knowledge of studio IT systems, including production and post-productions environments

Knowledge of feature film production and post-production industries, services, and workflows (e.g., DI, editing, visual/audio effects, encoding, on-set support)

Knowledge of Zero Trust Network Access (ZTNA)

The hiring range for this position in Glendale, CA is $138,900 to $186,200 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Job ID:

10114438

Location:

Glendale,California

Job Posting Company:

The Walt Disney Studios

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.