Staff Content Security Engineer

1 Day ago • 7 Years + • Cyber Security • $138,900 PA - $186,200 PA

Job Summary

Job Description

The Staff Content Security Engineer at The Walt Disney Studios is responsible for conducting end-to-end site security assessments of vendors involved in the filmmaking process. This includes contacting vendors, understanding workflows, executing assessments against 300+ security controls, identifying misrepresentations, inspecting IT infrastructure, validating compliance, documenting findings, and communicating requirements. The role also involves contributing to the Content Security control framework by writing controls, drafting questionnaires, creating applicability matrices, and writing test guidance. Additional responsibilities include running proof-of-concepts, traveling to offsite locations, and addressing last-minute requests. The ideal candidate will possess advanced knowledge of cloud security, experience in media & entertainment, strong communication and analytical skills, and a broad technology expertise encompassing various systems and security tools.
Must have:
  • 7+ years in InfoSec/related fields
  • Cloud security expertise (AWS, Azure, GCP)
  • Media & Entertainment experience
  • Security assessments & vulnerability analysis
  • Strong communication & documentation skills
  • Travel up to 25%
Good to have:
  • CISSP, CISA/CISM, CEH
  • Studio IT systems knowledge
  • Zero Trust Network Access (ZTNA) knowledge
Perks:
  • Bonus
  • Long-term incentive units
  • Full range of medical, financial, and other benefits

Job Details

Job Summary:

The Content Security Staff Engineer reports into the Sr Manager of the Content Site Security program at The Walt Disney Studios based in Glendale, CA. The modern filmmaking process is highly complex with dependencies on an entire eco-system of 3rd party strategic partners, suppliers and vendors. This program provides assessment, consulting and advisory services to ensure the entire supply chain remains robust and resilient and allows The Walt Disney Studios' to securely create films, features and series seen across the world.

Responsibilities:

  • Run end-to-end Site Security assessments, specifically:
    • Contacting vendors to schedule and scope assessments
    • Understand the filmmaking process and various vendor workflows
    • Executing the assessment
    • Assess vendor against a set of over 300+ security controls
    • Identify intentional or unintentional misrepresentation of security compliance
    • Perform detailed inspection and analytics on various IT infrastructure configuration ranging from network, storage, endpoint devices, and cloud-based assets
    • Perform real-time validation against attestation and documentation provided by the vendor
    • Identifying risk areas and corresponding test procedure associated with each service type, content workflow, and underlying infrastructure
    • Analyze assessment findings and document risks accordingly
    • Documenting assessment result, accurately and precisely communicating requirements, and publishing the completed report
    • Reviewing and negotiating vendor proposed mitigation plans and timelines
    • Validating remediation implementation to ensure identified risks have been adequately addressed
  • Contribute to Content Security’s control framework which includes:
    • Writing controls that secure both physical and digital assets.
    • Drafting questions for Content Security’s questionnaire that help evaluate a vendor’s compliance to each control.
    • Creating applicability matrix for each new control.
    • Writing test guidance to effectively identify non-compliant implementations.
  • Contribute to secure configuration guides used to assess and lockdown a variety of technologies used by vendors including virtual sets and virtual headsets
  • Run proof-of-concepts to help optimize the assessment workflow, this includes testing new processes and tools designed to drive efficiency with our assessment methodology  
  • Travel to offsite locations to address content security matters 
  • Follow the progress of productions and deal with last minute requests such as the assessment of ADR locations used for last minute production needs

Basic Qualifications:

  • Bachelor’s degree and/or equivalent work experience
  • 7 years of experience in information security and/or the following areas: security architecture, security engineering, production or network storage engineering, mobile device remote deployment and management, cybersecurity incident investigations, experience with cloud technologies
  • Ability to travel up to 25% domestically and/or internationally, as needed
  • Advanced knowledge of cloud security and infrastructure environments for popular cloud providers (AWS, Azure, GCP)
  • Prior experience in an architecture, development, engineering, or senior technical role
  • Experience providing product ownership for solutions supporting the Media & Entertainment industry
  • Ability to work in a highly distributed matrixed environment
  • Ability to adapt to new technologies and trends
  • Strong communication (written and verbal, including presentation) and listening skills
  • Strong documentation skills
  • Experience in technical project management/leading large scale technology initiatives
  • Strong analytical, organizational and decision-making skills
  • Strong negotiation skills
  • Broad technology expertise with application, system integration, data, and/or infrastructure knowledge
    • Storage solutions (e.g., SAN, NAS, encrypted storage devices, cloud cache and storage buckets)
    • Digital file transfer tools (e.g., Aspera, Signiant)
    • Centralized secure configuration of Linux, Windows, and Mac based servers and endpoints
    • Directory Services (e.g., Active Directory, Open Directory, LDAP)
    • Device management (e.g., Microsoft InTune, Jamf, Puppet, Ansible)
    • Change and patch management solutions (e.g., SCCM, Munki, PDQ Deploy)
    • OS hardening best practices for both servers and workstations
    • Endpoint protection and Data Loss Prevention solutions
  • Strong understanding of secure network principles of perimeter devices, servers, and workstations
    • Working knowledge of configuring and maintaining firewalls and network switching / routing devices (e.g., Palo Alto, Sonicwall, Fortinet, Brocade, Cisco, HP)
    • LAN, WAN, TCP/IP connectivity and security protocols (Point-to-Point, MPLS, VPN)
    • Network architecture and layer 2 and Layer 3 routing principles
    • Network authentication standards 
  • Strong understanding of Infrastructure as a Service (IaaS) and Infrastructure as Code (IaC)
  • Expert knowledge in cloud security auditing tools
  • Working knowledge of configuring and maintaining cloud compute and storage nodes
  • Provisioning and deprovisioning cloud tenants
  • Working knowledge of Virtual Private Cloud (VPC) network access control lists
  • Working knowledge of Web Application Firewalls (WAFs)
  • Vulnerability scanning, SIEM and common methods of exploiting vulnerabilities
  • Computer investigation processes and techniques

Preferred Qualifications:

  • Degree in the following fields:  Computer Science, Information Systems, IT Engineering, or a related field.
  • CISSP, CISA/CISM, or CEH designations
  • Knowledge of studio IT systems, including production and post-productions environments
  • Knowledge of feature film production and post-production industries, services, and workflows (e.g., DI, editing, visual/audio effects, encoding, on-set support)
  • Knowledge of Zero Trust Network Access (ZTNA)


 


The hiring range for this position in Glendale, CA is $138,900 to $186,200 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Similar Jobs

Ajmera Infotech - Senior Azure DevOps Engineer (IaaS)

Ajmera Infotech

Ahmedabad, Gujarat, India (On-Site)
1 Month ago
Aristocrat Gaming - Senior Systems Reliability Engineer (SRE)

Aristocrat Gaming

Austin, Texas, United States (Hybrid)
1 Month ago
Turbulent - Senior DevOps Engineer

Turbulent

Montreal, Quebec, Canada (On-Site)
1 Month ago
Assystems - DevOps Engineer

Assystems

Gurugram, Haryana, India (On-Site)
6 Months ago
Nagarro - Staff Engineer (Cloud Infrastructure)

Nagarro

Gurugram, Haryana, India (On-Site)
6 Months ago
ByteDance - Security Governance Engineer

ByteDance

San Jose, California, United States (On-Site)
2 Weeks ago
Google - Software Engineer III, Security/Privacy, Google Cloud Compute Infrastructure

Google

Sunnyvale, California, United States (On-Site)
1 Week ago
Google - Customer Engineer, Google Cloud Security

Google

Taipei City, Taiwan (On-Site)
1 Day ago
Microsoft - Technical Support Engineer

Microsoft

(Hybrid)
1 Day ago
Universal Music - Principal Application Security Engineer

Universal Music

Santa Monica, California, United States (Remote)
1 Month ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Google - Systems Development Engineer III

Google

Hyderabad, Telangana, India (On-Site)
1 Week ago
Ajmera Infotech - Senior Azure DevOps Engineer (IaaS)

Ajmera Infotech

Hyderabad, Telangana, India (On-Site)
1 Month ago
Hitachi - Azure Developer

Hitachi

Hyderabad, Telangana, India (Remote)
6 Months ago
Wargaming - DevOps Engineer (World of Warships, PC)

Wargaming

Belgrade, Serbia (Hybrid)
5 Days ago
Rackspace Technology - Support Data Engineer II

Rackspace Technology

San Antonio, Texas, United States (Remote)
1 Month ago
Activision - Expert Engineer, Accounts and Authentication

Activision

Dublin, County Dublin, Ireland (Hybrid)
6 Months ago
Interactive Brokers - Senior Platform Engineer - Design

Interactive Brokers

Fort Lauderdale, Florida, United States (Hybrid)
6 Months ago
Rackspace Technology - DevOps Engineer (AWS Terraform)

Rackspace Technology

India (Remote)
2 Months ago
ION - Senior Linux Systems Administrator - Somerset, NJ

ION

Clifton, New Jersey, United States (Hybrid)
6 Months ago
The Walt Disney Company - Manager, Database Reliability Engineering

The Walt Disney Company

Washington, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Jobs in Glendale, California, United States

ByteDance - Machine Learning Scientist Graduate (Scaling AI for Biology (AI-for-Science))

ByteDance

Seattle, Washington, United States (On-Site)
2 Weeks ago
Zoox - Senior Software Engineer, Developer Experience

Zoox

Foster City, California, United States (On-Site)
6 Months ago
Onward Search - Director, Digital Marketing

Onward Search

Dallas, Texas, United States (Hybrid)
1 Month ago
Netflix - Associate, Ads Revenue & Yield Analytics

Netflix

Los Angeles, California, United States (On-Site)
1 Week ago
Google - Data Center Facilities Technician, Controls

Google

Las Vegas, Nevada, United States (On-Site)
1 Week ago
Flow - Senior/Staff Web Engineer

Flow

Palo Alto, California, United States (Hybrid)
6 Months ago
CharacterAI - Software Engineer, Core Product

CharacterAI

Menlo Park, California, United States (On-Site)
1 Month ago
ByteDance - Tech Lead Manager, Large Language Models & Generative AI

ByteDance

San Jose, California, United States (On-Site)
5 Months ago
Daybreak Game Company LLC - Customer Service Manager

Daybreak Game Company LLC

San Diego, California, United States (On-Site)
6 Months ago
ByteDance - Imaging Systems Lead - Smart Wearable

ByteDance

San Jose, California, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

PwC - Information Protection Senior Manager

PwC

Amsterdam, North Holland, Netherlands (Hybrid)
4 Months ago
PwC - IN-Senior Manager – ERP - Sales-Ms Dynamics– Advisory  - Gurgaon

PwC

Gurugram, Haryana, India (On-Site)
6 Months ago
ByteDance - Site Reliability Engineer, SealSuite

ByteDance

Singapore (On-Site)
2 Weeks ago
ByteDance - Research Scientist, Data Management and Security - Infrastructure System Lab

ByteDance

Seattle, Washington, United States (On-Site)
2 Weeks ago
Google - Senior Software Engineer, Security/Privacy

Google

Kirkland, Washington, United States (On-Site)
1 Day ago
ION - Network Security Engineer

ION

Italy (Hybrid)
6 Months ago
Google - Staff Software Engineer, Security/Privacy, Formal Verification

Google

Seattle, Washington, United States (On-Site)
1 Week ago
Britive - STRATEGIC ACCOUNT EXECUTIVE

Britive

(Remote)
5 Months ago
InMobiInMobi - Senior Cloud Security Engineer

InMobiInMobi

Bengaluru, Karnataka, India (On-Site)
2 Months ago
Google - Technical Solutions Consultant, Security

Google

Kuwait City, Al Asimah Governate, Kuwait (On-Site)
23 Hours ago

Get notifed when new similar jobs are uploaded

About The Company

From classic animated features and exhilarating theme park attractions to cutting edge sports coverage, and the hottest shows on television, The Walt Disney Company has been making magic since 1923, creating unforgettable stories that connect with audiences around the world. And we’re just getting started!

The key to our success…. The Cast, Crew, Imagineers and Employees who honor Disney’s rich legacy by stretching the bounds of imagination to create the never-before-seen, bringing unparalleled entertainment experiences to people of all ages. Begin a career that delivers unparalleled creative content and experiences to audiences around the world and just imagine the stories you could be part of…

What is #LifeAtDisney like? It’s a series of magical moments with cast members and employees developing and telling our stories in the most innovative ways. Whether it’s a day spent as a Disney VoluntEAR, or celebrating the release of a new interactive experience, retail product or movie, our days are filled with the knowledge that we are creating entertainment experiences the whole family can enjoy. Follow @DisneyCareers on Facebook, Twitter and Instagram for a peek behind-the-curtain, and discover how you could connect to a world of stories with Disney!

Glendale, California, United States (On-Site)

San Francisco, California, United States (On-Site)

New York, New York, United States (On-Site)

New York, New York, United States (On-Site)

New York, New York, United States (On-Site)

Celebration, Florida, United States (On-Site)

Lake Buena Vista, Florida, United States (On-Site)

Burbank, California, United States (On-Site)

View All Jobs

Get notified when new jobs are added by The Walt Disney Company

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug