Job Description

Job Summary:

Who We Are:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) group provides services to protect the value and use of Disney’s information through collaboration, standardization, enforcement, and education across The Walt Disney Company.  The main focus areas of this group are:

• Reduce the risk of both accidental and malicious data disclosure

• Identify, monitor, engage with complete inventory of information

• Establish appropriate policies and procedures to be followed

• Educate user community to minimize risk

Team Description:

The GIS Red Team performs real world threat emulation with the continual goals of improving organizational readiness, providing advanced simulation for defensive teams, and assessing current control performance for critical TWDC assets.  The goal of the Red Team is to continually drive prioritized improvements across TWDC enhancing the cyber security posture of the organization as well as that provide the most accurate insight into the effectiveness of cyber security controls intended to protect TWDC’s most valuable assets. 

What You Will Do:

The Sr. Security Specialist, Red Team Operations reports to the Director, Security Assurance for the Forensic, Investigation, Response and Enhanced Detection (F.I.R.E) team. This role plays a critical role with ensuring the overall effectiveness and efficiency of GIS F.I.R.E Red Team operations is maintained and or matured to ensure operational coverage and reach. The role is also responsible for evaluating reported or identified security risks, facilitating and executing strategic remediation of cyber issues/incidents, driving security initiatives across a matrixed organization, or efforts to improve the company’s overall security posture. 

Responsibilities include:

• Facilitate end-to-end security activities surrounding systemic issues identified during Red Team Operations 

• Support post Red Team Operations and drive lessons learned and best practices towards continuous improvement; ensure timely completion/closure and remediation

• Compile all data, metrics, and executive summaries to ensure timely development of F.I.R.E Red Team deliverables (Monthly Business Reviews, Cyber Intelligence reports, etc.) 

• Collaborate with GIS peers to deliver analysis and briefings around security operations efficiency, effectiveness and coverage, and risk reduction activities. 

• Identification/development of risk observations sourced from Red Team findings and security concerns

• Coordinate and distribute updates or response actions to leaders

• Use operation progress to inform daily/weekly/monthly metrics for meetings with GIS Management & Executive team to inform on Red Team Program’s progress throughout fiscal year

• Use TWDC RTO Standardized toolset and management priority to forecast and plan future operations and Exercises

• Conduct an onboarding & exit calls with Red Team and Exercise Stakeholders. 

• Coordinate and communicate remediation efforts between Red Team, Corrective Action Team, and the owner of vulnerable systems or applications. 

Must Have:

• 5+ years work experience within an information security function; technical role or functional exposure to the areas of information security operations, incident response, anomaly detection, and red team operations. 

• Understanding of overall security landscape including concepts around governance, compliance, security controls

• Foundational technical knowledge in computing hardware, application development, network technologies, and Cloud services 

• Ability to break down and communicate technically complex security solutions and impacts for non-technical audiences

• General understanding of security threats, attacks and tactics 

• Ability to manage multiple priorities and work effectively in a fast-paced, high volume, and results driven environment 

• Ability to rapidly assess a situation and produce summarized results of the issue/security concern

• Develop visually appealing graphics and relay complex technical information into a summarized, easy to understand manner via published artifacts, briefings and presentations.

• Ability to develop and deliver presentations using MS and Adobe products.

• Ability to work in large global environments spanning multiple time-zones.

Nice To Have:

• Previous experience working on a Red Team/Penetration team or cyber security team

• Knowledge of cybersecurity domains and disciplines

Education:

• Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

The hiring range for this remote position is $109,400-$168,700 per year, which factors in various geographic regions. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Job Tags

Work experience placement, Remote job,

Similar Jobs