Security Engineer - Security Architecture and Engineering
The Walt Disney CompanyJob Details
Job Description
Job Posting Title: Security Engineer - Security Architecture and Engineering Req ID: 10137015 Job
Description:
Department
Description:
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses.
Uniting each endeavor is a commitment to creating and delivering unforgettable
experience:
s — and we’re constantly looking for new ways to enhance these exciting
experience:
s. The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer
experience:
s, enabling business growth, and advancing operational excellence. The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program.
Our key objectives are to: Secure the Magic by protecting information systems and platforms. Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests. Strengthen the business through optimizing execution, application, and technology used to protect the Company.
Innovate by investing in core capabilities to enhance operational efficiency. Team
Description:
The GIS Security Architecture and Engineering team is Disney’s trusted authority in security architecture, solution engineering, and secure product delivery. We provide innovative, standards-based capabilities and exceptional service that evolve with our clients’ needs—ensuring protection, agility, and peace of mind across the enterprise.
We empower transformational innovation by designing and implementing scalable security architectures and frameworks that enhance resiliency, enable agility, and safeguard Disney’s global technology ecosystem. Our work protects the integrity of Disney’s storytelling,
experience:
s, and operations—reducing risk, enabling agility, and ensuring resilience in a rapidly evolving threat landscape. We are hiring a Security Engineer - Security Architecture and Engineering!
Responsibilities:
of the Role: Design, develop, and implement secure solutions and reference architectures that align with business objectives, enterprise standards, and evolving threats.
- Provide situation-based guidance during solution design, leveraging in-depth knowledge of security technologies, policies, and controls to ensure alignment with Disney’s security
requirements:
and industry best practices. Translate security
requirements:
into scalable technical controls integrated across systems, applications, and cloud environments.
- Execute advanced risk and threat analysis activities, including threat modeling, architecture risk reviews, and vulnerability assessments.
Incorporate internal incident trends and external threat intelligence to proactively shape security decisions and architectural guidance.
- Evaluate security posture across platforms and technologies, recommending pragmatic and business-aligned mitigations.
- Create and maintain security architecture artifacts such as reference architectures, control frameworks, design patterns, standards, and policies.
- Support governance through documentation of control mapping, compliance alignment (e.g., NIST, CIS, ISO 27001), and integration into solution development.
Translate complex security issues into understandable terms and balanced recommendations that consider business context, impact, and feasibility.
- Facilitate security reviews and ensure follow-through on findings, including mitigation planning, exception tracking, and risk acceptance where appropriate.
- Document engineering designs, security findings, risk decisions, and solution status to support transparency, auditability, and knowledge-sharing across the organization.
- Ensure configuration standards align with internal policy, regulatory
requirements:
, and industry benchmarks such as CIS Benchmarks, NIST 800-53, and DISA STIGs. Must Haves: 3+ years’
experience:
in Security Architecture & Engineering 3+ years’
experience:
securing workloads and services in public cloud environments (e.g., AWS, Azure, Google Cloud Platform), including implementing native cloud security controls, identity and policy management, and secure configuration of cloud services. Proven ability to create conceptual, logical, and physical security architecture diagrams, with a deep understanding of common vulnerabilities and countermeasures across systems and networks.
Experience:
in designing and implementing security controls, including those for information protection, identity and access management (e.g., Kerberos, NTLM, Active Directory), and networking technologies (e.g., routing, switching, SDN, containerization, elastic compute). Strong working knowledge of risk analysis methodologies and the design of compensating controls in complex environments.
Familiarity with leading cybersecurity frameworks and methodologies, such as NIST 800-53, NIST 800-30, MITRE ATT&CK, STRIDE, and general compliance programs and regulations (e.g., SOX, HIPAA, PCI DSS). Nice to Haves: 3+ years of
experience:
in at least 2 of the following domains: Security and Risk Management, Asset Security, Communications and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, Software Development Security (including DevSecOps or secure coding practices) Familiarity with enterprise architecture frameworks such as TOGAF, and their application in aligning security
requirements:
with business and IT strategies. Knowledge in applying cybersecurity principles in the implementation of Artificial Intelligence (AI) Security Certifications: CISSP, CCSP, AWS Certified Public Cloud Architect, CISM, CRISC, CISA, MCSE Cloud, VMWare VCP6 Cloud, EMCCA cloud computing Architect, or GIAC
Education:
Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work
experience:
#DISNEYTECH The hiring range for this position in Seattle, WA is $112,000 - $150,100 per year and in Burbank, CA is $106,900 - $143,300 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge,
skills:
, and
experience:
among other factors. A bonus and/or long-term incentive units may be provided as part of the
compensation:
package, in addition to the full range of medical, financial, and/or other
benefits:
, dependent on the level and position offered. Job Posting Segment: Enterprise Technology Job Posting Primary Business: Corporate Global Information Security Primary Job Posting Category: Security Engineering Employment Type: Full time Primary City, State, Region, Postal Code: Burbank, CA, USA Alternate City, State, Region, Postal Code: USA - FL - Kirkman Point 1, USA - WA - 925 4th Ave Date Posted: 2025-11-26 Learn more
about:
us.
