Sr Security Specialist, Operations

At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.

The Senior Security Specialist will be responsible for the maintenance, operation and integration of network and security tools to detect suspicious and hostile activity that would jeopardize the integrity of information systems. You will assist in the evaluation, research and development of computer and network security tools and implementation plans. This will require practical use and understanding of advanced security protocols, standards, and a solid knowledge of information security principles and practices. You will work closely with security team members, infrastructure engineers, information and system administrators to ensure mitigation of all activity detected. Coordinate cross-functional team meetings to remediate previously identified security risks and close out pending action plans.
Participate in 24x7 on-call rotation.
ResponsibilitiesPerform Service Delivery of Security Operations Infrastructure:

• Support of TWDC Data Loss Prevention, product management, upgrades and reporting for both on-prem and cloud solutions.
• Support of TWDC end point security solutions, product management, upgrades and reporting for both on-prem and cloud solutions
• Supports systems security requirements, operational requirements, test and evaluation, integration and tuning of system security appliances, applications, and tools.
• Recommends and implements security policies and procedures as a result of in depth research of potential harmful threats to the organization's IT infrastructure.
• Provide coordination for security event detection, identification and resolution.
• Develop technical security standards to support policies including assisting in creating and coordinating security monitoring standards and incident investigation procedures.
• Engage with cross-functional teams in the design and implementation of security projects and initiatives
• Assist with the development of metric and scorecards in support of the information security program for quarterly and annual Information Security reports to executive management

Preform Security Analyst Functions

• Review proposed change control request to ensure proper alignment with TWDC policies standards and guidelines
• Maintain responsibility for incident confirmation, response, data collection, investigation, and analysis.
• Issue, follow-up, resolve or drive resolution of open security event tickets.
• Respond to computer security breaches and viruses

Other Functions:

• Support investigations with respect to forensics (including disk, email and web history)
• In conjunction with the Application Service Owner, Network Operator, provide IT security input on projects and other formal work groups and committees
• Promote awareness of applicable security policies and standards
• Implement or coordinate remediation required by audits, as necessary
• Collate security event data to produce monthly exception and management reports.
• Respond to and, where appropriate, resolve or escalate reported security incidents.
• Stays up to date on new software/hardware reaching the market and how security policies apply.

Basic Qualifications

• At least five (5) years of relevant work experience with three (3) years of practical information security experience.
• Expert level experience managing security tools.
• Experience tuning, improving and devising new ways to collect, signal, and identify suspicious events in an operational production environment.
• Experience working in an operational capacity, with expertise in at least one of the following areas: server, network, cloud, database
• Experience working with Enterprise SIEM, log sources, incident escalation
• Experience in information management and information technology security design and implementation.
• Experience with log or data analysis, extracting salient data points to improve detective capabilities.
• Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as TCP/IP, MFA, and network routing and switching.
• Experience working with multiple operating systems to include Linux, Windows, and OS X.
• Intermediate knowledge/ coding skills in Python or similar.
• Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment.
• Ability to rapidly assess a situation and identify, isolate and communicate problems and issues.
• Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists.
• Participate in 24x7 on-call rotation.

Preferred Qualifications

• One or more senior Information Security certifications (e.g. CISSP/GIAC) preferred.
• Experience in Symantec, or other Data Loss Prevention tools/products supporting a large enterprise preferred.
• Advanced scripting/coding skills preferred.

Required Education

• Bachelor’s Degree in Computer Science, Computer Engineering/Information Systems or equivalent experience

Preferred Education

• Masters or other advanced degree preferred

Company Overview At Corporate, you’ll team with the best in the business to build one of the most innovative global businesses in any industry. Uniquely positioned at the center of an exciting, multi-faceted Company, the forward-thinkers at Disney Corporate constantly pursue new ideas and technologies to help the Company’s many businesses drive value, all the while gaining something valuable from the experience themselves. Come see the most interesting Company from the most interesting point of view.
Additional Information

• This position is a legal entity of The Walt Disney Company, an equal opportunity employer.