Lead Security Engineer, Product Security

Job Posting Title:

Lead Security Engineer, Product Security

Req ID:

10120347

Job Description:

Who We Are

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.

Team Description:

The Product Security Team at The Walt Disney Company is dedicated to safeguarding the digital assets and intellectual property of one of the world's most beloved entertainment companies. Our team plays a crucial role in ensuring the security and integrity of Disney's diverse range of products and services, which span across theme parks, resorts, cruise lines, sports, news, movies, and various other businesses.

We are a dynamic and collaborative team that partners with engineering teams across the enterprise. Our mission is to mitigate technical risk by identifying vulnerabilities in Disney products, providing education to engineering teams on remediation techniques, and collaborating with other security teams to ensure the protection of our guests.

Our team is responsible for conducting security assessments, managing customer interactions, and developing security solutions that align with Disney's business strategies. We leverage cutting-edge technology and innovative approaches to enhance consumer experiences, enable business growth, and advance operational excellence.

What You Will Do:

We are hiring a Lead Security Engineer, Product Security to join our Team!

Responsibilities:

• Lead collaboration with engineers, consultants, and executive leadership to proactively identify and address complex security risks - shaping and driving mitigation strategies that integrate with the Secure Development Lifecycle (SDLC) at an organizational scale.

• Direct advanced secure code reviews, security testing, and vulnerability triage across a diverse portfolio of applications setting standards and best practices.

• Serve as a primary point of contact for both internal and external stakeholders on high-impact security initiatives, interpreting business and technical requirements to recommend and implement best-in-class solutions.

• Architect, build, and deploy innovative automation frameworks that scale the discovery, management, and remediation of security vulnerabilities across all applications and platforms, driving continuous improvement in security posture.

• Define, develop, and continuously enhance security metrics and reporting processes

• Evaluate, select, and champion the adoption of cutting-edge security testing tools and methodologies

• Lead educational initiatives and mentor the engineering community on advanced security concepts and emerging threats, successfully influencing adoption of best practices to minimize organizational risk.

Must Have:

• Over 10 years of progressive experience leading cybersecurity, development, and security engineering initiatives across diverse environments.

• Expert in applying advanced security principles and frameworks to architect and implement organization-wide solutions.

• Proven leader in evaluating, integrating, and standardizing code review and security assessment tools at scale.

• Exceptional communicator, adept at influencing stakeholders and mentoring teams on complex security topics.

• Demonstrates agility and innovation in fast-paced, dynamic settings, consistently delivering impactful security outcomes.

Nice To Have:

• Extensive experience designing and leading API security initiatives across the full lifecycle.

• Penetration testing expertise, identifying and remediating complex vulnerabilities.

• Expert Python scripting skills for automating security processes and developing custom tools.

Education:

• Bachelor’s degree in computer science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

The hiring range for this remote position is $120,400 - $185,600 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Job Posting Segment:

Enterprise Technology

Job Posting Primary Business:

Corporate Global Information Security

Primary Job Posting Category:

Security Engineering

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Burbank, CA, USA

Alternate City, State, Region, Postal Code:

Date Posted:

2025-05-08