Security Engineer - Software Engineer

• Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.
• Strengthen the business through optimizing execution, application, and technology used to protect the Company.
• Innovate by investing in core capabilities to enhance operational efficiency.

Team Description:

Our DevOps Platform Team builds and ships shared security infrastructure, governance tooling, and enterprise automation at scale - with a relentless focus on production quality and engineering craft.

This team designs, develops and implements security automation tools and sites to help our customers focus on areas of risk. This role involves taking ownership of technical projects, collaborating with team members, and contributing to security automation initiatives, * Work within the Security Development and Design team that is responsible for protecting the network and company assets from any security threats or attacks through the development of security automation capabilities.

• Architect and implement code deployment pipelines using GitLab or similar CI/CD processes
• Design and optimize security tool deployments, introducing scalable processes across Cyber Security capabilities
• Collaborate effectively with cross-functional teams and contribute to Information Security team efforts across the broad spectrum of information security programs
• Design, develop, and implement reliable platforms needed to host Applications with security requirements
• Build, maintain, and improve runbooks for application support and incident response procedures
• Design and implement monitoring solutions for all aspects of applications, including alerting capabilities
• Communicate effectively with stakeholders and contribute to technical decision-making
• Take ownership of security automation projects and contribute to team initiatives
• Research and evaluate new technologies and security tools to enhance team capabilities

• 5+ years of experience with scripting languages like Python, Bash, and PowerShell with ability to build reliable automation
• Strong knowledge of OpenSearch, PostgreSQL, and other data storage platforms including basic optimization techniques
• Proficient knowledge of Infrastructure as Code tools (CloudFormation, Terraform, Azure Resource Manager, Google Deployment Manager) with experience managing multi-environment deployments
• Proven ability to learn and maintain cutting-edge skills across multiple technical areas (Unix/Linux, Application Security, Vulnerability Management, etc.)
• Experience with deployment of new software and maintenance of deployed software in production environments
• Strong analytical and problem-solving skills with ability to troubleshoot distributed systems
• Proven ability to design solutions for complex problems and contribute to process improvement initiatives
• Experience handling confidential information and understanding of security best practices

Preferred Qualifications:

• Strong expertise in Cloud Platforms (AWS/GCP/Azure) with experience in cloud architecture
• Proficiency in Terraform with experience managing infrastructure across environments
• Python/YAML/JSON with backend development experience
• Designing and implementing CICD pipelines through Jenkins, GitLab, or other enterprise tools
• Container technologies (Kubernetes, Docker) and orchestration concepts
• Knowledge of security frameworks and compliance standards (SOC2, ISO 27001, NIST)
• Security scanning tools integration and vulnerability management platforms
• Monitoring and observability tools (Prometheus, Grafana, ELK stack)
• Understanding of network security concepts and implementation

Required Education:

• Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
• Relevant security certifications (CISSP, CISM, AWS Security, etc.) preferred

#DISNEYTECH

At Disney, we're storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt's passion was to continuously envision new ways to move audiences around the world-a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences - and we're constantly looking for new ways to enhance these exciting experiences. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to