Sr. Security Specialist
Burbank, CA

Job Description

Job Description

The Walt Disney Global Information Security - Assurance Services Team's mission is to deliver expert-level, real world penetration testing to gauge security and privacy controls across The Walt Disney Company. Further our mission is to build and deliver services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production. We are looking for a candidate who at a minimum possess deep knowledge web application security assessment skills and also seeks opportunities for their experience and skills to be applied beyond myopic penetration testing activities. If you seek an opportunity to work with some of the sharpest professionals in the field and play a larger role in driving solutions to improve application security at one of the most innovative and advanced technological entertainment companies in the world, then this position might be for you.

As a Senior Security Engineer, you will be responsible for web application testing, source code analysis, manual pen testing, and training. They will interact with Disney Business Units to discover, triage and resolve security vulnerabilities with manual and automated tools to enforce security criterion as part of a Secure Development Life Cycle on a continuous basis.

Job Type

Full Time

Segment

The Walt Disney Company (Corporate)

Category

Security

Basic Qualifications

* 3 years in Information Security Field
* Experience working with scripting and development languages like Bash, PowerShell, Python, Perl, Ruby, PHP, C/C++,C#, or Java
* In-depth knowledge of operating systems (Unix/Linux, Windows, and Mac
* Certifications: GPEN - GIAC Penetration Tester

Business

The Walt Disney Company (Corporate)

Required Education

BA/BS in business or computer science or appropriate work experience

Postal Code

91502

Responsibilities

* Provides situation based support, using in-depth knowledge of TWDC technology, to ensure systems are designed in accordance with and are aligned with Company security requirements; includes architecture assessments, secure development training, and conducting penetration testing.
* Reviews and presents reports penetration testing reruls to stakeholders and executives.
* Executes advanced risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents
* In-depth knowledge of networking protocols and systems administration.
* Expert level web application, API's and network penetration testing skills.
* Familiar with penetration testing applications in the major cloud providers.
* Experience customizing/developing in-house scripts and tooling.
* Penetration Testing Execution Standard Automation Framework (PTES)
* Experience working with assessments tools/frameworks OWASP ZAP, Burp Suite, NMAP, Mass Scan, Nessus, Metasploit, Mimikatz,Tenable IO, Qualys, Kali Linux, SQLMap and manual tools

Job Description

The Walt Disney Global Information Security - Assurance Services Team's mission is to deliver expert-level, real world penetration testing to gauge security and privacy controls across The Walt Disney Company. Further our mission is to build and deliver services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production. We are looking for a candidate who at a minimum possess deep knowledge web application security assessment skills and also seeks opportunities for their experience and skills to be applied beyond myopic penetration testing activities. If you seek an opportunity to work with some of the sharpest professionals in the field and play a larger role in driving solutions to improve application security at one of the most innovative and advanced technological entertainment companies in the world, then this position might be for you.

As a Senior Security Engineer, you will be responsible for web application testing, source code analysis, manual pen testing, and training. They will interact with Disney Business Units to discover, triage and resolve security vulnerabilities with manual and automated tools to enforce security criterion as part of a Secure Development Life Cycle on a continuous basis.

Basic Qualifications

* 3 years in Information Security Field
* Experience working with scripting and development languages like Bash, PowerShell, Python, Perl, Ruby, PHP, C/C++,C#, or Java
* In-depth knowledge of operating systems (Unix/Linux, Windows, and Mac
* Certifications: GPEN - GIAC Penetration Tester

Required Education

BA/BS in business or computer science or appropriate work experience

Responsibilities

* Provides situation based support, using in-depth knowledge of TWDC technology, to ensure systems are designed in accordance with and are aligned with Company security requirements; includes architecture assessments, secure development training, and conducting penetration testing.
* Reviews and presents reports penetration testing reruls to stakeholders and executives.
* Executes advanced risk and threat analysis activities, leveraging learnings from external and internal cyber trends and incidents
* In-depth knowledge of networking protocols and systems administration.
* Expert level web application, API's and network penetration testing skills.
* Familiar with penetration testing applications in the major cloud providers.
* Experience customizing/developing in-house scripts and tooling.
* Penetration Testing Execution Standard Automation Framework (PTES)
* Experience working with assessments tools/frameworks OWASP ZAP, Burp Suite, NMAP, Mass Scan, Nessus, Metasploit, Mimikatz,Tenable IO, Qualys, Kali Linux, SQLMap and manual tools