Security Engineer - Security Architecture and Engineering

Security Engineer – Security Architecture and Engineering

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world‑class entertainment and technological leader. Our enterprise technology mission delivers solutions that align with business strategies while enabling efficiency and fostering cross‑company innovation. The Global Information Security (GIS) organization protects Disney’s magic by assessing, preventing, detecting, and responding to cyber threats.

The GIS Security Architecture and Engineering team is Disney’s trusted authority in security architecture, solution engineering, and secure product delivery. We design and implement scalable security architectures and frameworks that enhance resiliency, enable agility, and safeguard Disney’s global technology ecosystem.

• Design, develop, and implement secure solutions and reference architectures that align with business objectives, enterprise standards, and evolving threats.
• Provide situation‑based guidance during solution design, leveraging in‑depth knowledge of security technologies, policies, and controls to ensure alignment with Disney’s security requirements and industry best practices.
• Translate security requirements into scalable technical controls integrated across systems, applications, and cloud environments.
• Execute advanced risk and threat analysis activities, including threat modeling, architecture risk reviews, and vulnerability assessments.
• Incorporate internal incident trends and external threat intelligence to proactively shape security decisions and architectural guidance.
• Evaluate security posture across platforms and technologies, recommending pragmatic and business‑aligned mitigations.
• Create and maintain security architecture artifacts such as reference architectures, control frameworks, design patterns, standards, and policies.
• Support governance through documentation of control mapping, compliance alignment (e.g., NIST, CIS, ISO 27001), and integration into solution development.
• Translate complex security issues into understandable terms and balanced recommendations that consider business context, impact, and feasibility.
• Facilitate security reviews and ensure follow‑through on findings, including mitigation planning, exception tracking, and risk acceptance where appropriate.
• Document engineering designs, security findings, risk decisions, and solution status to support transparency, auditability, and knowledge‑sharing across the organization.
• Ensure configuration standards align with internal policy, regulatory requirements, and industry benchmarks such as CIS Benchmarks, NIST 800‑53, and DISA STIGs.

• 3+ years’ experience in Security Architecture & Engineering.
• 3+ years’ experience securing workloads and services in public cloud environments (AWS, Azure, GCP), including implementing native cloud security controls, identity and policy management, and secure configuration of cloud services.
• Proven ability to create conceptual, logical, and physical security architecture diagrams, with a deep understanding of common vulnerabilities and countermeasures across systems and networks.
• Experience designing and implementing security controls, including those for information protection, identity and access management (Kerberos, NTLM, Active Directory), and networking technologies (routing, switching, SDN, containerization, elastic compute).
• Strong working knowledge of risk analysis methodologies and the design of compensating controls in complex environments.
• Familiarity with leading cybersecurity frameworks and methodologies, such as NIST 800‑53, NIST 800‑30, MITRE ATT&CK, STRIDE, and general compliance programs and regulations (SOX, HIPAA, PCI DSS).

• Experience in at least two of the following domains:
  Security and Risk Management, Asset Security, Communications and Network Security, Identity and Access Management (IAM), Security Assessment and Testing, Security Operations, Software Security.
• Familiarity with enterprise architecture frameworks such as TOGAF and their application in aligning security requirements with business and IT…