Lead Security Engineer - Security Assurance

USA - FL - Kirkman Point 1, United States

⚠️ We'll shut down after Aug 1st - try foo🦍 for all jobs in tech ⚠️

Full Time Senior-level / Expert USD 63K - 147K * ^est.

The Walt Disney Company

The mission of The Walt Disney Company is to be one of the world's leading producers and providers of entertainment and information.

View all jobs at The Walt Disney Company

Apply now Apply later

Posted 9 hours ago

Job Posting Title:

Lead Security Engineer - Security Assurance

Req ID:

10126314

Job Description:

Who We Are:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

Secure the Magic by protecting information systems and platforms.
Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.
Strengthen the business through optimizing execution, application, and technology used to protect the Company.
Innovate by investing in core capabilities to enhance operational efficiency.

Team Description:

The Security Research and Testing (SRT) team specializes in simulating real-world cyberattacks to uncover vulnerabilities and evaluate the effectiveness of Disney Experiences (DX) and Disney Corporate (Corp) technology systems' security measures. By mimicking tactics used by malicious actors, the SRT team provides critical insights into potential weaknesses. They work closely with both technology and business teams across DX, Corporate and Enterprise technology teams to analyze findings, strengthen security policies, and recommend targeted improvements to address gaps in infrastructure, processes, and training, ensuring a robust and resilient security

posture.

What You Will Do:

We are hiring! We need a Lead Security Engineer – Security Assurance to join our Global Information Security - Security Research & Testing (SRT) Team (Corporate & Disney Experiences).

The Lead Security Engineer is responsible for leading, developing, and implementing strategies to protect DX computer systems, networks, and other digital assets from malicious attacks, including identifying and recommending vulnerabilities in existing systems.

Responsibilities:

Lead large-scale, complex, high-value testing engagements that span ambiguous or novel technical domains (e.g., bespoke platforms, integrated systems, AI/ML, ships and attractions).
Drive tactical-to-strategic alignment by transforming test findings into actionable engineering guidance, influencing roadmap decisions and risk prioritization.
Mentor and elevate team, providing both technical oversight and developmental coaching.
Represent our security testing function in enterprise-wide forums, ensuring technical clarity and credibility when engaging cross-functional partners.
Identify opportunities for process and technical improvement.
Provide guidance on the application and operation of security controls and communicate issues effectively to application owners.
Analyze the impact of emerging technologies on existing security systems and identify potential risks.

Must Have:

Minimum of 7 years of relevant experience in the field of Red Team Testing, Penetration Testing, Cyber Adversarial Simulations/Testing or similar field.
Expert knowledge of information security principles, practices, and procedures.
Experience with automation and scripting of applications and systems.
Understanding of cloud computing (AWS, Azure, GCP) from both operational and response perspectives with a focus on how to test cloud-based solutions.
Knowledge of common operating systems, networking protocols, databases, and applications.
Experience with running large-scale cyber testing engagements and projects.
Must be open to a flexible work schedule: both standard and non-standard hours, as well as occasional domestic and international travel.
Offensive Security OSCP certification, or equivalent.

Nice To Have:

PowerShell and/or Python scripting experience
Experience in automation and scripting of applications and systems
Proficient knowledge of Threat Actors and their tactics, techniques, and procedures
Offensive Security OSEP certification

Education:

Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

#DISNEYTECH

Job Posting Segment:

Enterprise Technology

Job Posting Primary Business:

Corporate Global Information Security

Primary Job Posting Category:

Security Engineering

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Orlando, FL, USA

Alternate City, State, Region, Postal Code: