Security Engineer

Job Posting Title:

Security Engineer

Req ID:

10120427

Job Description:

Who We Are

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

• Secure the Magic by protecting information systems and platforms.

• Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

• Strengthen the business through optimizing execution, application, and technology used to protect the Company.

• Innovate by investing in core capabilities to enhance operational efficiency.

Team Description

The Product Security team exists to ensure that our guests are protected and have a magical experience. We protect our guests and the Disney brand by engaging with product development teams at every step of the product development lifecycle. We assess and influence product design, we analyze applications for flaws that may lead to security issues, and we provide penetration testing to ensure our products are secure. We are looking to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.

We are hiring a Security Engineer! This role will report to the Manager overseeing Flagship Pentesting and API Security Services. Our mission is to ensure the security and resilience of critical systems through specialized Penetration Testing and API Assessments.

Responsibilities of Role:

• Collaborate with engineers, consultants and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC).

• Perform activities such as secure code reviews, security testing and vulnerability triage across various  applications.

• Regularly interact with internal and external customers on security-related projects and operational tasks

• Design, build and deploy automation to scale the discovery and management of security vulnerabilities across all  applications and platforms.

• Develop security metrics delivery and improvements.

• Evaluate and recommend new security testing tools.

• Educating the engineering community on best practices for minimizing security risks.

Must Have

• Minimum of 3 years of experience in cybersecurity or related information technology disciplines.

• Strong understanding of security principles and practices.

• Experience with code review and assessment tools.

• Excellent communication and collaboration skills.

• Ability to work in a fast-paced and dynamic environment.

Nice To Have

• Experience in securing APIs.

• Penetration testing experience.

• Scripting skills, preferably in Python.

Education:

• Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

The hiring range for this remote position is $99,600 - $153,500 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Job Posting Segment:

Enterprise Technology

Job Posting Primary Business:

Corporate Global Information Security

Primary Job Posting Category:

Security Engineering

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Burbank, CA, USA

Alternate City, State, Region, Postal Code:

Date Posted:

2025-05-06