Job Summary:At Disney, we’re storytellers.
We make the impossible, possible.
The Walt Disney Company is a world-class entertainment and technological leader.
Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses.
Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise.
We protect the brand and reputation while enabling and supporting business objectives.
GIS teams are located in Seattle, Burbank, and Orlando.In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology.
This process includes:1.
Analysis of known and emerging threats to determine risks against TWDC assets2.
Creation, maintenance, governance and communication of security policies and standards across TWDC3.
Assessment and audit of compliance against the security policies and standards4.
Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteriaWe look add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.This role within GIS will support information security operations and initiatives at Hulu, the leading premium streaming service offering live and on-demand TV and movies, with and without commercials, both in and outside the home.
Operating at the intersection of entertainment and technology, Hulu captivates and connects viewers with the stories they love.
We’re looking for people who are passionate about redefining TV through innovation, unconventional thinking, and embracing fun.This will be for all of Disney Streaming (Disney+, Hulu, ESPN+, STAR+) and is being hired out of the Hulu headquarters.Responsibilities:Develop security services and integrations to be used in CI/CD and consumed by development teamsTriage vulnerabilities identified by code scanning toolsEngage with developers to provide remediation supportAssist with code reviews and develop secure librariesPerform security reviews of new services and featuresPerform web application penetration testingParticipate in incident response and analysisBasic Qualifications:5+ years of direct application security experience3+ years of development experience with Python, Java, JavaScript (Node/React), and/or GoKnowledge of security vulnerabilities and remediation techniquesKnowledge of CI/CD, JIRAPreferred Qualifications:Experience working with AWS or other cloud environments (development/architecture)Understanding beyond the OWASP Top 10 by explaining the level of risk to the business.Has successfully managed or participated in bug bounty programsContributed to open source projectsPracticed threat modeling applicationsSecurity+ or other industryRequired EducationBachelor’s degree in Computer Science or equivalent experience in a related fieldAdditional Information:DISNEYTECH