Disney Streaming Services Information Security team's mission is to protect services, data, and technology assets of the organization, partners, and cast members. In concert with Disney's Global Information Security group, the DSS team works on initiatives that prevent, detect, and respond to malicious activity. Risk and threat assessment, incident response, security architecture, vulnerability management, governance and compliance, security awareness and training, security operations, among many other efforts make up the information security program.
This is a key role within the Information Security department that will be focused on application security for our streaming media service and other supporting applications. The application security engineer will be a valued partner to development and engineering teams to ensure secure architectures, patterns, and solutions are created and maintained. Creation and execution of a training and awareness program for secure development and best practice is a key component of the role. This person will work closely with Disney's application security team and will build a community of practice with developers within DSS to support effective communication and collaboration. This person will be the subject matter expert for secure code development and will work with various application engineering teams to develop alternatives for remediation of vulnerabilities.
Create and lead secure code working group with liaisons from various application and services engineering teams.
Utilize security tools for the appsec program such as static and dynamic code analysis tools and develop continual improvement program.
Coordinate red teams and penetration testers to facilitate exercises and work with application engineering teams on remediation. Oversee remediation efforts
Assist with code reviews and create secure reusable patterns.
Review application designs and solutions. Provide assessments.
Lead secure code training and awareness program.
Participate in information security operations duties, including occasional incident response escalations.
Perform risk and threat assessments.
3+ years of relevant experience
Experience with application security
Experience in application development with at least one modern programming language.
Knowledge of OWASP
Knowledge of DevOps and Agile methods
Experience performing code reviews and with associated applications such as static code analysis tools (Checkmarx, Vericode) in several languages
Knowledge of web application architectures
Knowledge of threat modeling
Knowledge of dynamic code scanners such as AppScan or Qualys.
Media industry experience
Other security experience such as incident handling (from appsec perspective), architecture, operations, GRC, etc.
Cloud technology, specifically AWS
4-year degree or work experience equivalent
CISSP, GIAC, or similar certification
About Disney Streaming Services:
Disney Streaming Services is responsible for developing and operating The Walt Disney Company's direct-to-consumer video businesses globally, including the ESPN+ premium sports streaming service; Disney+, the dedicated streaming home for entertainment from Disney, Pixar, Marvel, Star Wars, National Geographic and BAMTECH Media, a global leader in direct-to-consumer video streaming products and solutions. Our core mission is to deliver global audiences the freedom to access content on their terms across any connected device, time or location. We serve consumers by bringing the world's most beloved characters, timeless stories, legendary athletes, and epic sporting events to global audiences through best-in-class direct-to-consumer video services. We strive daily to imaginatively challenge convention with innovative technology that gives consumers the freedom to access content on their terms across any connected device, time or location.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Streaming Services, which is part of a business segment we call Disney Streaming Services.
Disney Streaming Technology LLC is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Apply Now Apply Later
Walt Disney Co.