27 Jul
Security Risk Engineer
Vacancy expired!
Do you have a passion for entertainment and media? The Information Security Team at one of the largest entertainment companies in the world is looking for a high-quality security risk engineer to join their team. As a security risk engineer, you will ensure that proper security and risk protocols are in place. If this sounds like a perfect fit for you, apply now! Required Skills & Experience
- 3+ years of security risk experience
- 2+ years of application security and/or development experience
- Understanding of security vulnerabilities and remediation techniques
- Understanding of CI/CD, JIRA
- Demonstrated experience in understanding security vulnerabilities and identifying remediation techniques
- Experience with risk quantification (FAIR or similar framework)
- Understanding of security controls related to cloud-based offerings
- Understanding of evaluating and assessing security threats across a variety of environments and industries
- Strong analytical skills and ability to multi-task
- Experience working with AWS or other cloud environments (development/architecture)
- Knowledge beyond the OWASP Top 10 by explaining the level of risk to the business
- Experience with building out and utilizing GRC offerings
- Has successfully directed or participated in bug bounty programs
- Contributed to open-source projects
- Experience with audits & assessments driven by business needs, regulatory requirements, and/or industry standards
- Worked on threat modeling applications
- CISSP, Security+ or other industry certifications
- Experience working with companies that have a heavy microservice architecture
- Experience in media industry
- Counsel and consult with partners on identified risks & how to address those risks
- Interact with developers & engineers to provide risk ratings & remediation assist
- Serve as the key member responsible for technical reviews & implementations in the Vendor Security Risk Review program
- Perform security risk reviews of internal & external business initiatives
- Regularly assist in security risk analysis
- Identify, qualify, and prioritize technology risk for Disney Streaming
- Act as an application security risk domain specialist, through consultation and collaboration with the Application Security team & relevant stakeholders
- Participate in risk assessments & analysis involving current and proposed services & features
- Assist in development of risk reporting and design of risk dashboards
- Assist with risk activities related to data & content security
- Competitive Salary: Up to $105K/year, DOE
- Medical Insurance & Health Savings Account (HSA)
- 401(k)
- Paid Sick Time Leave
- Pre-tax Commuter Benefit
Vacancy expired!