Principal Security Engineer

Who We Are

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

• Secure the Magic by protecting information systems and platforms.

• Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

• Strengthen the business through optimizing execution, application, and technology used to protect the Company.

• Innovate by investing in core capabilities to enhance operational efficiency.

What You Will Do

We Are Hiring!  We need a Principal Security Engineer to join our Team!

The role of Principal Security Engineer will report directly to the Director; Security Architecture and Engineering and is tasked with implementation and execution of key Technical Cyber Protections (TCP) strategic objectives that support the maturation of the TCP program as defined by leadership.

The role will focus primarily on ensuring the health of foundational processes, technology, and data to enable the TCP and DE ISO teams to effectively and efficiently execute on key objectives that support DE ISO and TCP strategic goals. This includes identifying program inefficiencies and opportunities within TCP services, processes, and tools while working with DE ISO and TCP teams as well as customers to develop unique solutions to address gaps and inefficiencies.

Responsibilities:

• Supporting the Technical Cyber Protection Team's service catalog to ensure functions and features of relevant products and services meet or exceed business and customer expectations.

• Engaging with customers and key stakeholders to gather requirements for new products, features, and services, as well as collecting feedback to improve existing products, features, and services.

• Identifying key areas of opportunity such as process gaps, systemic security gaps, or technical risks that that can be addressed with TCP services or solutions or through development of new capabilities.

• Contributing to the development of strategic goals and objectives supporting TCP and DE ISO goals and driving execution of key objectives defined by leadership.

• Developing unique, scalable solutions to complex, technical problems in collaboration with TCP leadership to mature the Security Engineering service offerings. 

• Developing OKRs and/or KPIs in partnership with SecArch and Engineering leadership to inform executive leaders of program health and effectiveness.

• Providing support to customers to streamline onboarding to SAE and DE ISO services.

• Occasionally supporting operational monitoring, triage and investigation of security events, and host or participate in retrospectives to improve upon lessons learned from these events.

Must Have

• Minimum 10 years of related work experience supporting technical programs

• Experience with the following:

  • Building and managing scalable cloud and on-premises security services leveraging cloud native, internally developed, or COTS tooling.

  • Developing KRIs/OKRs/KPIs that track program health, effectiveness, and efficiency to inform program decision making process.

  • Secure control design and implementation of security process and technology across cloud, on-premises, and hybrid environments leveraging tools such as: web application firewalls, endpoint detection and response, automation and orchestration tooling, and security monitoring.

  • Subject Matter Expertise in integrating and orchestrating security process and tools with custom developed applications and services and/or third-party, SaaS, IaaS, and PaaS solutions

  • Operating within or supporting DevOps and DevSecOps practices and principles.

Nice to Have

• Expertise in common programming and scripting languages (Python, ruby, java, scala)

• Expertise with CI/CD tooling, developer pipelines, and Infrastructure as Code. (Github/lab, Jenkin, Terraform Enterprise, Cloud Formation, Artifactoy)

• Expertise with web services and platforms as a services. (AWS, GCP, Azure, Salesforce, Snowflake)

Education

• Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

The hiring range for this remote position is $159,800 - $246,400 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.