Staff Content Security Engineer

Job Summary:

The Walt Disney Studios is a leader in the industry that brings memorable, life-changing stories to the world through Disney Motion Picture Productions (MPP), Marvel Studios, Pixar, Walt Disney Animation Studios, 20th Century Studios, Searchlight Pictures, and Lucasfilm. The incredible movies, shows, and characters that have come to life on the big screen and in our homes are thoroughly embedded in minds and cultures across the globe. From the Marvel Cinematic Universe, reinvented live action classics, multi-film franchises, and Oscar winning films, the studios have redefined movie and series making by building a universe filled with creativity, innovation, and collaboration. At The Walt Disney Studios, you will be part of a team that helps propel our legacy into the future with a vision as far-reaching as our characters, worlds, and stories.  

The Content Security organization is focused on protecting the magic – we ensure that all film and episodic content is protected and does not leak.  We do this by employing the best practices from the world of Cyber Security, technology and a deep understanding of the world of media and entertainment creative workflows.

We are looking for a Content Security Staff Engineer – a true innovator and thought leader, whom, as an individual contributor will have Studio and industry wide impact.  The successful candidate will have a deep technical background and a willingness to learn and have a passion for the world of film.  As the world of technology changes around us, we expect to encounter both new challenges and risks, as well as significant opportunities.  Therefore, this role will be heavily focused on helping to secure artificial intelligence and machine learning technologies. However, even though AI is a significant component of the role, the expectation is that the candidate can provide guidance up and down the tech stack, informing on “traditional” infrastructure and as well as application security best practices and standards.

Given this broad range of responsibility, the successful candidate can deal with ambiguity, provide clarity where none exists and be able to step into and navigate a complex and high-paced environment of hardworking, friendly, and passionate people. The ideal candidate is someone who enjoys being the technical SME, a self-starter and a problem solver. It’s essential that they are a thought leader, confident, and someone who will continue to drive the organization and initiatives critical to the success of Content Security.

Responsibilities

• Stay on top of the latest trends in AI and AI attack techniques to inform the organization of emerging threats, with particular attention to Media and Entertainment use cases
• Work as an AI security SME consulting with teams implementing internally developed and third party developed AI tooling
• Lead efforts to develop offensive AI and non-AI security testing capabilities for continuous assessment
• Perform technical assessments against AI enabled applications and models, delivering actionable, relevant insights to system stakeholders and leadership
• On an as needed basis, consult with internal and external teams on best practices and standards to secure a wide range of infrastructure hardware and software solutions including: storage solutions, firewalls, routers, directory services, VPNs, endpoint protection, servers and hosts.
• On an as needed basis, conduct assessments of applications used for a wide variety of business purposes including: management, editing, transfer and streaming of content.
• Formulate and publish configuration guides to help secure technologies used for internal and as well as external facing workflows.
• Consult with Disney’s 3rd party vendors to review and assess their workflows, providing guidance to secure AI and non-AI based technologies
• Independently manage work tasks from assignment through publication of deliverables (i.e. reports).
• Provide guidance and technical mentorship to junior resources on the team.

Qualifications

• 7+ year’s experience in Cyber Security, with a focus on offensive security and assessments preferred
• Proven experience with designing, deploying secure infrastructure and applications, particularly application services running in the cloud
• Strong familiarity with assessing infrastructure deployed on-premises but also cloud based environments (AWS, GCP and Azure)
• Experience performing technical assessments and delivering results to a non-security focused audience
• Exceptional problem-solving skills and the ability to think critically
• Experience with AI/ML solutions on major cloud platforms such as Azure, Google, AWS, along with OpenAI
• AI/ML certifications (e.g. Azure AI Engineer Associate, AWS Certified ML) a plus
• InfoSec certifications such as CISSP, CCSP a plus

Required Education

• Bachelor’s (Master’s degree a plus) in Computer Science, Data Science, Engineering, or a related field

The hiring range for this position in California is $136,100.00-$182,400.00 per year based on a 40 hour work week. The amount of hours scheduled per week may vary based on business needs. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.