Sr. Security Specialist, Anomaly Detection
Burbank, CA

Job Description

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world - a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney's information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.

In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:

1. Analysis of known and emerging threats to determine risks against TWDC assets

2. Creation, maintenance, governance and communication of security policies and standards across TWDC

3. Assessment and audit of compliance against the security policies and standards

4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria

We look to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, are passionate about information security and love their work.

The GIS Anomaly Detection Team is responsible for providing enhanced detection and threat hunting across the Enterprise in order to identify anomalous and malicious behaviors, develop rules for advanced threat detection through automation, and collaborate with Segments to enhance detection across the company.

Job Type

Full Time

Segment

The Walt Disney Company (Corporate)

Category

Security

Basic Qualifications

* 6+ years of experience in threat hunting/analysis, network assessments, or penetration testing in large enterprises.
* Experience with Cyber Threat Intelligence
* Basic understanding of and experience with programming or scripting languages (Python, PowerShell, C#, SQL, etc.)
* Thorough knowledge of securing web applications, technology infrastructure, and Internet security (Routers, Firewalls, etc.).
* Experience with multiple operating systems, networking protocols, databases, applications, network appliances and platforms
* Must be familiar with hacker methodologies, incident response procedures and Network Information Security Concepts
* Strong familiarity with MITRE ATT&CK Framework and cyber kill chain.
* Experience operating and leveraging a SIEM.
* Experience with Endpoint Detection and Response solutions.
* Experience with industry standard forensic and digital analysis tools.
* Ability to manage multiple priorities and work effectively in a fast-paced, high-volume, results-driven environment. Ability to rapidly assess a situation and identify, isolate and communicate problems and issues.
* Excellent communication skills (both oral/written) including ability to clearly communicate risks and threats to technologists and business leaders.
* Ability to investigate complex scenarios and solve problems.
* One or more Information Security Certifications preferred (SANS - GMON, GCIH, GCIA, GPEN, GWAPT, CISSP, CEH, OSCP)
* Other industry certifications relating to IT and program management preferred (ITIL, PMP, CISA, CISM, etc.)

Business

The Walt Disney Company (Corporate)

Required Education

* Associate's degree in computer science, information technology, computer engineering, or appropriate work experience

Postal Code

91502

Preferred Education

* BA/BS computer science, information technology, computer engineering, or appropriate work experience

Responsibilities

The Sr. Security Specialist, Anomaly Detection is responsible for a broad range of responsibilities with the primary focus of hunting for advanced threats that evade automated detection. This professional will hunt for and identify threats, anomalous behaviors and misconfigurations, as well as seek out policy violations of security control measures, identify the presence of questionable devices, discover insecure storage of credentials, evaluate network security posture, and determine internal security vulnerabilities that would allow unauthorized external access or potential "Insider Threat" activity.

The Specialist will understand the network; perform reviews of the overall Cyber Security posture, to include current defensive and detection controls, security gaps, and subsequent data aggregation to a central repository (SIEM); evaluate best business practices as applied to network security within diverse business segments across the company; and recommend mitigation actions for any findings. The Specialist will work closely with members across the Information Security team and other internal organizations to ensure findings and recommended remediation are understood. The Specialist will leverage security technologies, attack methodologies, established procedures and industry best practices along with their respective "hunting" experience to improve the defensive posture of the Disney Global Network.
