Senior Security Engineer - Software Engineer

The Walt Disney Company•Seattle, WA

19h

About The Position

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to: Secure the Magic by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company. Innovate by investing in core capabilities to enhance operational efficiency. Our DevOps Platform Team builds and ships shared security infrastructure, governance tooling, and enterprise automation at scale — with a relentless focus on production quality and engineering craft. This team designs, develops and implements security automation tools and sites to help our customers focus on areas of risk. This role involves taking ownership of technical projects, collaborating with team members, and contributing to security automation initiatives.

Requirements

5+ years of experience with scripting languages like Python, Bash, and PowerShell with ability to build reliable automation
Strong knowledge of OpenSearch, PostgreSQL, and other data storage platforms including basic optimization techniques
Proficient knowledge of Infrastructure as Code tools (CloudFormation, Terraform, Azure Resource Manager, Google Deployment Manager) with experience managing multi-environment deployments
Proven ability to learn and maintain cutting-edge skills across multiple technical areas (Unix/Linux, Application Security, Vulnerability Management, etc.)
Experience with deployment of new software and maintenance of deployed software in production environments
Strong analytical and problem-solving skills with ability to troubleshoot distributed systems
Proven ability to design solutions for complex problems and contribute to process improvement initiatives
Experience handling confidential information and understanding of security best practices
Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

Nice To Haves

Strong expertise in Cloud Platforms (AWS/GCP/Azure) with experience in cloud architecture
Proficiency in Terraform with experience managing infrastructure across environments
Python/YAML/JSON with backend development experience
Designing and implementing CICD pipelines through Jenkins, GitLab, or other enterprise tools
Container technologies (Kubernetes, Docker) and orchestration concepts
Knowledge of security frameworks and compliance standards (SOC2, ISO 27001, NIST)
Security scanning tools integration and vulnerability management platforms
Monitoring and observability tools (Prometheus, Grafana, ELK stack)
Understanding of network security concepts and implementation
Relevant security certifications (CISSP, CISM, AWS Security, etc.) preferred

Responsibilities

Work within the Security Development and Design team that is responsible for protecting the network and company assets from any security threats or attacks through the development of security automation capabilities
Architect and implement code deployment pipelines using GitLab or similar CI/CD processes
Design and optimize security tool deployments, introducing scalable processes across Cyber Security capabilities
Collaborate effectively with cross-functional teams and contribute to Information Security team efforts across the broad spectrum of information security programs
Design, develop, and implement reliable platforms needed to host Applications with security requirements
Build, maintain, and improve runbooks for application support and incident response procedures
Design and implement monitoring solutions for all aspects of applications, including alerting capabilities
Communicate effectively with stakeholders and contribute to technical decision-making
Take ownership of security automation projects and contribute to team initiatives
Research and evaluate new technologies and security tools to enhance team capabilities