Security Engineer - Security Architecture and Engineering

Department Description:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

• Secure the Magic by protecting information systems and platforms.

• Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

• Strengthen the business through optimizing execution, application, and technology used to protect the Company.

• Innovate by investing in core capabilities to enhance operational efficiency.

Team Description:

The GIS Security Architecture and Engineering team is Disney’s trusted authority in security architecture, solution engineering, and secure product delivery. We provide innovative, standards-based capabilities and exceptional service that evolve with our clients’ needs—ensuring protection, agility, and peace of mind across the enterprise. We empower transformational innovation by designing and implementing scalable security architectures and frameworks that enhance resiliency, enable agility, and safeguard Disney’s global technology ecosystem. Our work protects the integrity of Disney’s storytelling, experiences, and operations—reducing risk, enabling agility, and ensuring resilience in a rapidly evolving threat landscape.

We are hiring a Security Engineer - Security Architecture and Engineering!  

Responsibilities of the Role:

• Design, develop, and implement secure solutions and reference architectures that align with business objectives, enterprise standards, and evolving threats.

• Provide situation-based guidance during solution design, leveraging in-depth knowledge of security technologies, policies, and controls to ensure alignment with Disney’s security requirements and industry best practices.

• Translate security requirements into scalable technical controls integrated across systems, applications, and cloud environments.

• Execute advanced risk and threat analysis activities, including threat modeling, architecture risk reviews, and vulnerability assessments.

• Incorporate internal incident trends and external threat intelligence to proactively shape security decisions and architectural guidance.

• Evaluate security posture across platforms and technologies, recommending pragmatic and business-aligned mitigations.

• Create and maintain security architecture artifacts such as reference architectures, control frameworks, design patterns, standards, and policies.

• Support governance through documentation of control mapping, compliance alignment (e.g., NIST, CIS, ISO 27001), and integration into solution development.

• Translate complex security issues into understandable terms and balanced recommendations that consider business context, impact, and feasibility.

• Facilitate security reviews and ensure follow-through on findings, including mitigation planning, exception tracking, and risk acceptance where appropriate.

• Document engineering designs, security findings, risk decisions, and solution status to support transparency, auditability, and knowledge-sharing across the organization.

• Ensure configuration standards align with internal policy, regulatory requirements, and industry benchmarks such as CIS Benchmarks, NIST 800-53, and DISA STIGs.

Must Haves:

• 3+ years’ experience in Security Architecture & Engineering

• 3+ years’ experience securing workloads and services in public cloud environments (e.g., AWS, Azure, Google Cloud Platform), including implementing native cloud security controls, identity and policy management, and secure configuration of cloud services.

• Proven ability to create conceptual, logical, and physical security architecture diagrams, with a deep understanding of common vulnerabilities and countermeasures across systems and networks.

• Experience in designing and implementing security controls, including those for information protection, identity and access management (e.g., Kerberos, NTLM, Active Directory), and networking technologies (e.g., routing, switching, SDN, containerization, elastic compute).

• Strong working knowledge of risk analysis methodologies and the design of compensating controls in complex environments.

• Familiarity with leading cybersecurity frameworks and methodologies, such as NIST 800-53, NIST 800-30, MITRE ATT&CK, STRIDE, and general compliance programs and regulations (e.g., SOX, HIPAA, PCI DSS).

Nice to Haves:

• 3+ years of experience in at least 2 of the following domains: Security and Risk Management, Asset Security, Communications and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, Software Development Security (including DevSecOps or secure coding practices)

• Familiarity with enterprise architecture frameworks such as TOGAF, and their application in aligning security requirements with business and IT strategies.

• Knowledge in applying cybersecurity principles in the implementation of Artificial Intelligence (AI)

• Security Certifications: CISSP, CCSP, AWS Certified Public Cloud Architect, CISM, CRISC, CISA, MCSE Cloud, VMWare VCP6  Cloud,  EMCCA cloud computing Architect, or GIAC

Education:

• Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

#DISNEYTECH

The hiring range for this position in Seattle, WA is $112,000 - $150,100 per year and in Burbank, CA is $106,900 - $143,300 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.