The Walt Disney Company (Germany) GmbH
Security Engineer - Security Architecture and Engineering
The Walt Disney Company (Germany) GmbH, Seattle, Washington, us, 98127
Security Engineer – Security Architecture and Engineering
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world‑class entertainment and technological leader. Our enterprise technology mission delivers solutions that align with business strategies while enabling efficiency and fostering cross‑company innovation. The Global Information Security (GIS) organization protects Disney’s magic by assessing, preventing, detecting, and responding to cyber threats.
Team Description The GIS Security Architecture and Engineering team is Disney’s trusted authority in security architecture, solution engineering, and secure product delivery. We design and implement scalable security architectures and frameworks that enhance resiliency, enable agility, and safeguard Disney’s global technology ecosystem.
Responsibilities
Design, develop, and implement secure solutions and reference architectures that align with business objectives, enterprise standards, and evolving threats.
Provide situation‑based guidance during solution design, leveraging in‑depth knowledge of security technologies, policies, and controls to ensure alignment with Disney’s security requirements and industry best practices.
Translate security requirements into scalable technical controls integrated across systems, applications, and cloud environments.
Execute advanced risk and threat analysis activities, including threat modeling, architecture risk reviews, and vulnerability assessments.
Incorporate internal incident trends and external threat intelligence to proactively shape security decisions and architectural guidance.
Evaluate security posture across platforms and technologies, recommending pragmatic and business‑aligned mitigations.
Create and maintain security architecture artifacts such as reference architectures, control frameworks, design patterns, standards, and policies.
Support governance through documentation of control mapping, compliance alignment (e.g., NIST, CIS, ISO 27001), and integration into solution development.
Translate complex security issues into understandable terms and balanced recommendations that consider business context, impact, and feasibility.
Facilitate security reviews and ensure follow‑through on findings, including mitigation planning, exception tracking, and risk acceptance where appropriate.
Document engineering designs, security findings, risk decisions, and solution status to support transparency, auditability, and knowledge‑sharing across the organization.
Ensure configuration standards align with internal policy, regulatory requirements, and industry benchmarks such as CIS Benchmarks, NIST 800‑53, and DISA STIGs.
Must Haves
3+ years’ experience in Security Architecture & Engineering.
3+ years’ experience securing workloads and services in public cloud environments (AWS, Azure, GCP), including implementing native cloud security controls, identity and policy management, and secure configuration of cloud services.
Proven ability to create conceptual, logical, and physical security architecture diagrams, with a deep understanding of common vulnerabilities and countermeasures across systems and networks.
Experience designing and implementing security controls, including those for information protection, identity and access management (Kerberos, NTLM, Active Directory), and networking technologies (routing, switching, SDN, containerization, elastic compute).
Strong working knowledge of risk analysis methodologies and the design of compensating controls in complex environments.
Familiarity with leading cybersecurity frameworks and methodologies, such as NIST 800‑53, NIST 800‑30, MITRE ATT&CK, STRIDE, and general compliance programs and regulations (SOX, HIPAA, PCI DSS).
Nice to Haves
Experience in at least two of the following domains: Security and Risk Management, Asset Security, Communications and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, Software Security.
Familiarity with enterprise architecture frameworks such as TOGAF and their application in aligning security requirements with business and IT strategies.
Knowledge in applying cybersecurity principles in the implementation of Artificial Intelligence (AI).
Security certifications such as CISSP, CCSP, AWS Certified Public Cloud Architect, CISM, CRISC, CISA, MCSE Cloud, VMWare VCP6 Cloud, EMCCA Cloud Computing Architect, or GIAC.
Education
Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience.
#DISNEYTECH
The hiring range for this position in Seattle, WA is $112,000–$150,100 per year and in Burbank, CA is $106,900–$143,300 per year. The base pay will be determined based on internal equity and may vary by geographic region, job‑related knowledge, skills, and experience. A bonus and/or long‑term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and other benefits, depending on level and position offered.
#J-18808-Ljbffr
Team Description The GIS Security Architecture and Engineering team is Disney’s trusted authority in security architecture, solution engineering, and secure product delivery. We design and implement scalable security architectures and frameworks that enhance resiliency, enable agility, and safeguard Disney’s global technology ecosystem.
Responsibilities
Design, develop, and implement secure solutions and reference architectures that align with business objectives, enterprise standards, and evolving threats.
Provide situation‑based guidance during solution design, leveraging in‑depth knowledge of security technologies, policies, and controls to ensure alignment with Disney’s security requirements and industry best practices.
Translate security requirements into scalable technical controls integrated across systems, applications, and cloud environments.
Execute advanced risk and threat analysis activities, including threat modeling, architecture risk reviews, and vulnerability assessments.
Incorporate internal incident trends and external threat intelligence to proactively shape security decisions and architectural guidance.
Evaluate security posture across platforms and technologies, recommending pragmatic and business‑aligned mitigations.
Create and maintain security architecture artifacts such as reference architectures, control frameworks, design patterns, standards, and policies.
Support governance through documentation of control mapping, compliance alignment (e.g., NIST, CIS, ISO 27001), and integration into solution development.
Translate complex security issues into understandable terms and balanced recommendations that consider business context, impact, and feasibility.
Facilitate security reviews and ensure follow‑through on findings, including mitigation planning, exception tracking, and risk acceptance where appropriate.
Document engineering designs, security findings, risk decisions, and solution status to support transparency, auditability, and knowledge‑sharing across the organization.
Ensure configuration standards align with internal policy, regulatory requirements, and industry benchmarks such as CIS Benchmarks, NIST 800‑53, and DISA STIGs.
Must Haves
3+ years’ experience in Security Architecture & Engineering.
3+ years’ experience securing workloads and services in public cloud environments (AWS, Azure, GCP), including implementing native cloud security controls, identity and policy management, and secure configuration of cloud services.
Proven ability to create conceptual, logical, and physical security architecture diagrams, with a deep understanding of common vulnerabilities and countermeasures across systems and networks.
Experience designing and implementing security controls, including those for information protection, identity and access management (Kerberos, NTLM, Active Directory), and networking technologies (routing, switching, SDN, containerization, elastic compute).
Strong working knowledge of risk analysis methodologies and the design of compensating controls in complex environments.
Familiarity with leading cybersecurity frameworks and methodologies, such as NIST 800‑53, NIST 800‑30, MITRE ATT&CK, STRIDE, and general compliance programs and regulations (SOX, HIPAA, PCI DSS).
Nice to Haves
Experience in at least two of the following domains: Security and Risk Management, Asset Security, Communications and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, Software Security.
Familiarity with enterprise architecture frameworks such as TOGAF and their application in aligning security requirements with business and IT strategies.
Knowledge in applying cybersecurity principles in the implementation of Artificial Intelligence (AI).
Security certifications such as CISSP, CCSP, AWS Certified Public Cloud Architect, CISM, CRISC, CISA, MCSE Cloud, VMWare VCP6 Cloud, EMCCA Cloud Computing Architect, or GIAC.
Education
Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience.
#DISNEYTECH
The hiring range for this position in Seattle, WA is $112,000–$150,100 per year and in Burbank, CA is $106,900–$143,300 per year. The base pay will be determined based on internal equity and may vary by geographic region, job‑related knowledge, skills, and experience. A bonus and/or long‑term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and other benefits, depending on level and position offered.
#J-18808-Ljbffr