Security Engineer - Security Architecture and Engineering

About The Position

Requirements

• 3+ years' experience in Security Architecture & Engineering
• 3+ years' experience securing workloads and services in public cloud environments (e.g., AWS, Azure, Google Cloud Platform), including implementing native cloud security controls, identity and policy management, and secure configuration of cloud services.
• Proven ability to create conceptual, logical, and physical security architecture diagrams, with a deep understanding of common vulnerabilities and countermeasures across systems and networks.
• Experience in designing and implementing security controls, including those for information protection, identity and access management (e.g., Kerberos, NTLM, Active Directory), and networking technologies (e.g., routing, switching, SDN, containerization, elastic compute).
• Strong working knowledge of risk analysis methodologies and the design of compensating controls in complex environments.
• Familiarity with leading cybersecurity frameworks and methodologies, such as NIST 800-53, NIST 800-30, MITRE ATT&CK, STRIDE, and general compliance programs and regulations (e.g., SOX, HIPAA, PCI DSS).

Nice To Haves

• 3+ years of experience in at least 2 of the following domains: Security and Risk Management, Asset Security, Communications and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, Software Development Security (including DevSecOps or secure coding practices)
• Familiarity with enterprise architecture frameworks such as TOGAF, and their application in aligning security requirements with business and IT strategies.
• Knowledge in applying cybersecurity principles in the implementation of Artificial Intelligence (AI)
• Security Certifications: CISSP, CCSP, AWS Certified Public Cloud Architect, CISM, CRISC, CISA, MCSE Cloud, VMWare VCP6 Cloud, EMCCA cloud computing Architect, or GIAC

Responsibilities

• Design, develop, and implement secure solutions and reference architectures that align with business objectives, enterprise standards, and evolving threats.
• Provide situation-based guidance during solution design, leveraging in-depth knowledge of security technologies, policies, and controls to ensure alignment with Disney's security requirements and industry best practices.
• Translate security requirements into scalable technical controls integrated across systems, applications, and cloud environments.
• Execute advanced risk and threat analysis activities, including threat modeling, architecture risk reviews, and vulnerability assessments.
• Incorporate internal incident trends and external threat intelligence to proactively shape security decisions and architectural guidance.
• Evaluate security posture across platforms and technologies, recommending pragmatic and business-aligned mitigations.
• Create and maintain security architecture artifacts such as reference architectures, control frameworks, design patterns, standards, and policies.
• Support governance through documentation of control mapping, compliance alignment (e.g., NIST, CIS, ISO 27001), and integration into solution development.
• Translate complex security issues into understandable terms and balanced recommendations that consider business context, impact, and feasibility.
• Facilitate security reviews and ensure follow-through on findings, including mitigation planning, exception tracking, and risk acceptance where appropriate.
• Document engineering designs, security findings, risk decisions, and solution status to support transparency, auditability, and knowledge-sharing across the organization.
• Ensure configuration standards align with internal policy, regulatory requirements, and industry benchmarks such as CIS Benchmarks, NIST 800-53, and DISA STIGs.