Leidos has flagged the Cloud Security Engineer job as unavailable. Let’s keep looking.

Job ID 10077886 Location Orlando, Florida, United States Business The Walt Disney Company (Corporate)

Job Summary:

About Us:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) Security Research and Testing Team (SRT) performs security testing to improve organizational readiness and assess current control performance for critical Disney Experiences (DX) assets. The goal of SRT is to continually drive prioritized improvements across DX, enhancing the organization's cyber security posture. SRT focuses on meticulously identifying and exploiting vulnerabilities within the DX network and systems before potential adversaries can use them. This will involve emulating sophisticated cyber threats in a controlled manner, drawing on your understanding of diverse technologies, systems, and the mentality of potential threat actors.

What You Will Do:

The Security Engineer, Security Assurance role goes beyond testing, and you will be tasked with creating comprehensive reports and delivering in-depth analysis of findings.

Responsibilities:

  • Conceptualize and develop solutions to improve security posture and lead projects from conception to design to implementation
  • Perform deep analysis of systems to understand limitations and weaknesses; identify cyber security challenges that need to be addressed
  • Drive security risk decisions and influence technical architecture
  • Tackle information security problems before they surface by using ground breaking strategies and testing techniques to identify and address emerging cyber-threats
  • Participate in the cyber security development of DX products and solutions to ensure security requirements are built-in from the beginning
  • Continual self-education of emerging technologies to assist in developing secure configurations (i.e., Cloud Web Services, IoT devices, mobile applications, control systems, etc.)
  • Stay ahead of industry trends and identify best methodologies to implement in-house

Must Have:

  • 3+ years of related work experience
  • Threat/Vulnerability identification, analysis, and remediation experience
  • Experience with NIDS/HIDS, network taps, endpoint detection and response solutions.
  • Knowledge of security testing services/solutions
  • Ability to identify risks and develop appropriate mitigation plans to reduce or eliminate.
  • Conceptual understanding of adversarial techniques, signals/IOC’s generated and containment/mitigation paths
  • Knowledge of tools and techniques for analyzing large sets of data
  • Demonstrated experience using various log sources, as well as internal and external threat intelligence, to identify emerging threats.
  • Deep understanding of common security practices and frameworks

Nice To Have:

  • Knowledge of reverse malware processes and tools
  • Knowledge of cloud providers and cloud security standard processes
  • GIAC Penetration Tester Certification / GPEN certification
  • OffSec OSCP, or other like OffSec certification
  • Knowledge of IoT devices and security concepts
  • Coding (Python, Bash, JS…) with ability to generate customized scripts in common languages such as Python, Pearl, and/or bash.
  • Knowledge of SIEM solutions/Splunk, Penetration Testing / Red Team
  • Security accreditation (i.e., CISSP, GSEC, CISM).
  • Commercial and open-source tools such as Kali, nmap, Nessus, openvas, sqlmap, Burp Suite, meterpreter, kismet, fiddler, Wireshark, and Aircrack-ng

Education:

  • Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
Read Full Description
Confirmed 19 hours ago. Posted 27 days ago.

Discover Similar Jobs

Suggested Articles