Software Engineer

efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our

consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent,

detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise

and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key

objectives are to:

• Secure the Magic by protecting information systems and platforms.

• Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

• Strengthen the business through optimizing execution, application, and technology used to protect the Company.

• Innovate by investing in core capabilities to enhance operational efficiency., We are seeking a Sr Software Engineer to design, build, and maintain internal applications and integrations that enhance the organization's core cybersecurity operations. This role bridges security engineering and software development, focusing on automating compliance, improving risk visibility, and accelerating security workflows through infrastructure-as-code and AI-driven modeling. This role will work closely with compliance analysts, infrastructure teams, and service owners across the enterprise to develop secure, scalable solutions supporting continuous compliance, risk modeling, and operational visibility.

• Design and develop internal cybersecurity tools and services to support compliance, visibility and risk modeling functions.

• Build and maintain integrations between legacy, in-house, and cloud-based systems using APIs and SDKs.

• Implement and manage IaC frameworks to automate security configuration and auditing workflows.

• Collaborate with compliance teams to translate audit and control requirements (SOX, PCI, etc.) into code-based solutions and enhancements in existing applications.

• Contribute to data ingestion and analytics pipelines that improve visibility across cloud and on-prem environments.

• Develop AI/ML models to assist with automated risk categorization, configuration detection, or control validation.

• Work with DevOps and Security Engineering to maintain consistent RBAC, IAM, and policy enforcement across multi-cloud and Kubernetes environments.

• Build, document, and maintain runbooks specific to internal APIs, service architecture, and developed frameworks.

• Stay up to date on cybersecurity trends, industry standards (ISO, NIST, CIS), and regulatory requirements.

• Provide mentorship and technical guidance to engineers and analysts, ensuring secure design and operational excellence.

• Minimum of 5+ years of experience in software development

• Experience with modern security tooling, DevSecOps, and AI/ML in cybersecurity

• Required Knowledge of:

• AWS: IAM, RBAC modeling, API and SDK-based resource discovery, Systems Manager (SSM)

• Git & GitHub: version control, branching strategies, and CI/CD pipelines

• Linux: security models, permissions, and bash scripting

• SQL: relational data modeling, queries, and integration with back-end systems

• Programming Languages: Python, C#, and/or Ruby

• Infrastructure as Code: Terraform

• Understanding of:

• Databases: user permission models for MSSQL, MySQL, PostgreSQL, Couchbase, and MemSQL

• Operating Environments: on-premises, cloud, and Kubernetes-based systems

• Identity Systems: Active Directory, LDAP, Okta; user lifecycle management and directory integrations

• Configuration & Deployment Tools: Helm and Salt

• Security Frameworks: developing control-based automation and integrating security telemetry into compliance and risk modeling functions

Preferred Qualifications:

• Experience with Scala and/or Golang

• Deep understanding of cybersecurity principles and best practices

• Strong problem-solving and debugging skills in complex distributed environments

• Ability to translate security and compliance requirements into technical solutions

• Excellent collaboration and communication skills with cross-functional teams

• Strong sense of ownership and accountability for secure, maintainable code

• Relevant security certifications such as OSCP, ISC2 CISSP, AWS Certified Security - Specialty, SANS, CEH, etc. are a major plus.

Education:

• Bachelor's degree in Computer Science, Information Systems, Software, Electronics Engineering, or comparable field of study, and/or equivalent work experience

The hiring range for this position in Los Angeles, CA is $141,900 to $190,300 per year and in Seattle, WA is $148,700 to $199,400 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise, Global Information Security (GIS) supports all of Disney's business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney's streaming services-Disney+, Hulu, and ESPN+ -as well as Disney's broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers., At Disney Corporate you can see how the businesses behind the Company's powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you'll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe., The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney's stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished. This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate).