Who We Are:
At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences.
The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.
The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:
- Secure the Magic by protecting information systems and platforms.
- Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.
- Strengthen the business through optimizing execution, application, and technology used to protect the Company.
- Innovate by investing in core capabilities to enhance operational efficiency.
Team Description:
The Security Research and Testing (SRT) team specializes in simulating real-world cyberattacks to uncover vulnerabilities and evaluate the effectiveness of Disney Experiences (DX) and Disney Corporate (Corp) technology systems' security measures. By mimicking tactics used by malicious actors, the SRT team provides critical insights into potential weaknesses. They work closely with both technology and business teams across DX and Corp to analyze findings, strengthen security policies, and recommend targeted improvements to address gaps in infrastructure, processes, and training, ensuring a robust and resilient security posture.
What You Will Do:
We are HIRING! We are looking to add a Manager, Security Assurance to our Team!
Responsibilities:
- Lead and manage a team of cybersecurity professionals specializing in research and adversarial testing.
- Foster a collaborative and high-performing team environment while providing mentorship and professional development opportunities.
- Develop and implement strategies for conducting cybersecurity research, adversarial simulations, and testing initiatives.
- Manage the planning and execution of SRT testing engagements.
- Ensure comprehensive assessments of security controls, incident detection, and response capabilities.
- Partner with/Lead cross-functional teams, including IT, attraction engineering, and business units, to align security testing activities with organizational needs.
- Communicate findings and recommendations to stakeholders, including executives.
- Work closely with defensive security, technology, and business teams to share insights and enhance overall security resilience.
- Establish metrics to measure the effectiveness of testing and research efforts.
- Prepare detailed reports and presentations on findings, risk levels, and recommended actions.
- Evaluate, select, and oversee the deployment of tools and technologies to support research and testing efforts.
- Establish feedback loops and post-engagement reviews to ensure improvement in ongoing SRT security programs and practices .
Must Haves
- Minimum of 8+ y ears of related IT security testing experience
- 8+ years of relevant experience leading a security testing team
- Experience leading highly technical teams in a security program for a large and complex organization
- Proven experience conducting comprehensive testing of technology solutions within large-scale, complex, and dynamic IT environments.
- Competent in tools such as Burp Suite, Metasploit, NMAP, Wireshark, Aircrack -ng, Jack-The-Ripper
- Proficient knowledge around system hardening testing for operating systems (Windows, Linux, macOS).
- Experience with Cloud Solutions (Azure, GCP, AWS) and Software as a Service (SaaS) solution.
- Strong knowledge of network devices (routers, switches, firewalls) and their secure configurations.
- Strong knowledge of configuration management and auditing tools.
- Solid understanding of security frameworks and standards (NIST, CIS) .
Education:
- Bachelor's degree in Computer Science , Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
#DISNEYTECH
Top Skills
What the Team is Saying
What We Do
Innovation is in the DNA of The Walt Disney Company. We not only embrace it, we translate it into experiences you can see and feel. From our groundbreaking work in advanced audio-animatronic robots featured in the Disney theme parks, to streaming services that are redefining entertainment, to inventing tools to create new worlds in our films — The Walt Disney Company has spent nearly 100 years immersing audiences in new and stunning experiences using groundbreaking technology. When next generation technology meets talented people ready to tackle challenges still to be imagined, anything can happen.
Why Work With Us
Every technologist at Disney is essential to helping us create unforgettable experiences and innovative products. Our teams constantly spearhead innovation by incubating cutting-edge ideas into production-ready solutions. At Disney, you’ll make an impact you can see and feel with a team that both supports and challenges your thinking.
Gallery
The Walt Disney Company Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
