Staff Content Security Engineer

工作 ID 10114438 地點格倫代爾, 加利福尼亚州, 美國 有意工作的公司 The Walt Disney Studios 日期已公佈 Feb. 26, 2025

申請

工作概要:

The Content Security Staff Engineer reports into the Sr Manager of the Content Site Security program at The Walt Disney Studios based in Glendale, CA. The modern filmmaking process is highly complex with dependencies on an entire eco-system of 3rd party strategic partners, suppliers and vendors. This program provides assessment, consulting and advisory services to ensure the entire supply chain remains robust and resilient and allows The Walt Disney Studios' to securely create films, features and series seen across the world.

Responsibilities:

Run end-to-end Site Security assessments, specifically:
- Contacting vendors to schedule and scope assessments
- Understand the filmmaking process and various vendor workflows
- Executing the assessment
- Assess vendor against a set of over 300+ security controls
- Identify intentional or unintentional misrepresentation of security compliance
- Perform detailed inspection and analytics on various IT infrastructure configuration ranging from network, storage, endpoint devices, and cloud-based assets
- Perform real-time validation against attestation and documentation provided by the vendor
- Identifying risk areas and corresponding test procedure associated with each service type, content workflow, and underlying infrastructure
- Analyze assessment findings and document risks accordingly
- Documenting assessment result, accurately and precisely communicating requirements, and publishing the completed report
- Reviewing and negotiating vendor proposed mitigation plans and timelines
- Validating remediation implementation to ensure identified risks have been adequately addressed
Contribute to Content Security’s control framework which includes:
- Writing controls that secure both physical and digital assets.
- Drafting questions for Content Security’s questionnaire that help evaluate a vendor’s compliance to each control.
- Creating applicability matrix for each new control.
- Writing test guidance to effectively identify non-compliant implementations.

Contribute to secure configuration guides used to assess and lockdown a variety of technologies used by vendors including virtual sets and virtual headsets
Run proof-of-concepts to help optimize the assessment workflow, this includes testing new processes and tools designed to drive efficiency with our assessment methodology

Travel to offsite locations to address content security matters
Follow the progress of productions and deal with last minute requests such as the assessment of ADR locations used for last minute production needs

Basic Qualifications:

Bachelor’s degree and/or equivalent work experience
7 years of experience in information security and/or the following areas: security architecture, security engineering, production or network storage engineering, mobile device remote deployment and management, cybersecurity incident investigations, experience with cloud technologies
Ability to travel up to 25% domestically and/or internationally, as needed
Advanced knowledge of cloud security and infrastructure environments for popular cloud providers (AWS, Azure, GCP)
Prior experience in an architecture, development, engineering, or senior technical role
Experience providing product ownership for solutions supporting the Media & Entertainment industry
Ability to work in a highly distributed matrixed environment
Ability to adapt to new technologies and trends
Strong communication (written and verbal, including presentation) and listening skills
Strong documentation skills
Experience in technical project management/leading large scale technology initiatives
Strong analytical, organizational and decision-making skills
Strong negotiation skills

Broad technology expertise with application, system integration, data, and/or infrastructure knowledge
- Storage solutions (e.g., SAN, NAS, encrypted storage devices, cloud cache and storage buckets)
- Digital file transfer tools (e.g., Aspera, Signiant)
- Centralized secure configuration of Linux, Windows, and Mac based servers and endpoints
- Directory Services (e.g., Active Directory, Open Directory, LDAP)
- Device management (e.g., Microsoft InTune, Jamf, Puppet, Ansible)
- Change and patch management solutions (e.g., SCCM, Munki, PDQ Deploy)
- OS hardening best practices for both servers and workstations
- Endpoint protection and Data Loss Prevention solutions
Strong understanding of secure network principles of perimeter devices, servers, and workstations
- Working knowledge of configuring and maintaining firewalls and network switching / routing devices (e.g., Palo Alto, Sonicwall, Fortinet, Brocade, Cisco, HP)
- LAN, WAN, TCP/IP connectivity and security protocols (Point-to-Point, MPLS, VPN)
- Network architecture and layer 2 and Layer 3 routing principles
- Network authentication standards
Strong understanding of Infrastructure as a Service (IaaS) and Infrastructure as Code (IaC)
Expert knowledge in cloud security auditing tools
Working knowledge of configuring and maintaining cloud compute and storage nodes
Provisioning and deprovisioning cloud tenants
Working knowledge of Virtual Private Cloud (VPC) network access control lists
Working knowledge of Web Application Firewalls (WAFs)
Vulnerability scanning, SIEM and common methods of exploiting vulnerabilities
Computer investigation processes and techniques

Preferred Qualifications:

Degree in the following fields: Computer Science, Information Systems, IT Engineering, or a related field.
CISSP, CISA/CISM, or CEH designations
Knowledge of studio IT systems, including production and post-productions environments
Knowledge of feature film production and post-production industries, services, and workflows (e.g., DI, editing, visual/audio effects, encoding, on-set support)
Knowledge of Zero Trust Network Access (ZTNA)

The hiring range for this position in Glendale, CA is $138,900 to $186,200 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

申請

關於The Walt Disney Studios:

超過 95 年來，The Walt Disney Studios 一直是 The Walt Disney Company 建立的基石。時至今日，其將優質電影、情節故事、音樂及舞台劇獻給世界各地的消費者。The Walt Disney Studios 坐擁一系列備受尊崇的電影工作室，包括 Disney、Walt Disney Animation Studios、Pixar Animation Studios、Marvel Studios、Lucasfilm、20th Century Studios 及 Searchlight Pictures。旗下亦設有世界級舞台表演製作商 Disney Theatrical Productions。

關於 The Walt Disney Company:

Walt Disney Company 連同其子公司和聯營公司，是領先的多元化國際家庭娛樂和媒體企業，其業務主要涉及三個範疇：Disney Entertainment、ESPN 及 Disney Experiences。Disney 在 1920 年代的起步之初，只是一間卡通工作室，至今已成為娛樂界的翹楚，並昂然堅守傳承，繼續為家庭中每位成員創造世界一流的故事與體驗。Disney 的故事、人物與體驗傳遍世界每個角落，深入人心。我們在 40 多個國家/地區營運業務，僱員及演藝人員攜手協力，創造全球和當地人們都珍愛的娛樂體驗。

這個職位隸屬於 Walt Disney Pictures，其所屬的業務部門是 The Walt Disney Studios。

Walt Disney Pictures 是提供平等就業機會的僱主。求職者都會獲得聘僱考量的機會，不分種族、宗教、膚色、生理性別、性傾向、社會性別、性別認同、性別表達、原國籍、血統、年齡、婚姻狀態、軍人或退伍軍人身份、醫療狀況、遺傳資訊或殘疾狀況、或者聯邦、州級或地方法律所禁止的其他任何基本特徵。Disney 提倡讓所有人的想法和決策都有助我們發展、創新、創造最好故事的商業環境，並與瞬息萬變的世界息息相關。

就業申請的殘疾便利安排

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, visit the Disney candidate disability accommodations FAQs. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

遇到技術問題？查看常見問題以尋求協助。