The Walt Disney Company Sr Security Specialist, Operations (DLP) in Burbank, California
At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.
The Disney Technology Solutions and Services (DTSS) organization provides scalable, reliable enterprise-wide networks and computing platforms to all of the Disney businesses through integrated service aggregation from multiple internal and external providers. DTSS is guided by the principles of being service focused and easy to do business with, being biased for action and innovation, and being efficient through leverage and continuous improvement.
Responsibilities : Perform Security Analyst Functions:
Plan, implement, upgrade and monitor security controls for the protection of TWCC computer networks and information systems.
Ensure appropriate security policies and controls are in place that will safeguard digital files and vital electronic systems
Respond to computer security breaches and viruses
Review proposed change control request to ensure proper alignment with TWDC policies standards and guidelines
Issue, follow-up on, resolve or drive resolution of open security event tickets.
Perform Service Delivery of Security Operations Infrastructure:
Provide coordination for security event detection, identification and resolution
Data Loss Prevention technology oversight, product management, upgrades, reporting, etc
Provide technical assistance in the selection, configuration, and maintenance of network security devices including, but not limited to, firewalls, IPS/IDS, SIEM, WAF, Network-based Malware detection and related platforms
Develop technical security standards to support policies including assisting in creating and coordinating security monitoring standards and incident investigation procedures.
Serve as a technical resource in advising and assisting all departments and schools for issues relating to network security.
Engage with cross-functional teams in the design and implementation of security projects and initiatives
Assist with the development of metric and scorecards in support of the information security program for quarterly and annual Information Security reports to executive management
Support investigations with respect to forensics (including disk, email and web history)
In conjunction with the Application Service Owner, Network Operator, provide IT security input on projects and other formal workgroups and committees
Promote awareness of applicable security policies and standards
Implement or coordinate remediation required by audits, as necessary
Collate security event data to produce monthly exception and management reports.
Respond to and, where appropriate, resolve or escalate reported security incidents.
Basic Qualifications :
Five (5) years of IT experience in three or more areas (i.e. infrastructure, network, Client Server, application, desktop OS, project management)
Experience in Symantec data loss prevention tools/products supporting a large enterprise
Experience working with Enterprise SIEM, log sources, incident escalation
Experience working with Enterprise anti-malware, HIDS products
Three (3) years of practical information security experience.
Experience in information management and information technology security design and implementation.
Demonstrated experience with security event logs from various operating systems and appliances
Experience managing IDS / IPS / firewall systems across an enterprise.
Demonstrated experience in creating conceptual, logical and physical security diagrams, Thorough understanding of vulnerabilities and countermeasures.
Information Security technology/compliance experience. Familiarity with major regulations such as Sarbanes-Oxley and NERC CIP preferred.
Detailed understanding of TCP/IP and related communication protocols, Windows authentication mechanisms (Kerberos, NTLM, AD), networking technologies, routing and switching, and risk analysis and risk management methodologies.
Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment. Ability to rapidly assess a situation and identify, isolate and communicate problems and issues.
Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists.
One or more senior Information Security certifications (e.g. CISSP or GIAC) preferred.
Required Education :
- BA/BS in business, computer science or equivalent work experience
Preferred Education :
- Masters or other advanced degree preferred
Company Overview :
At Corporate, you’ll team with the best in the business to build one of the most innovative global businesses in any industry. Uniquely positioned at the center of an exciting, multi-faceted Company, the forward-thinkers at Disney Corporate constantly pursue new ideas and technologies to help the Company’s many businesses drive value, all the while gaining something valuable from the experience themselves. Come see the most interesting Company from the most interesting point of view.
Additional Information :
- This position is a legal entity of The Walt Disney Company, an equal opportunity employer.
Job ID: 483804BR
Job Posting Company: The Walt Disney Company (Corporate)