Associate Security Specialist

This is a Full Time Job

Location: Burbank, California, United States; Orlando, Florida, United States; Seattle, Washington, United States

Job Summary:

Technology is at the heart of Disney's past, present, and future.
Enterprise Technology is a global team of technologists, engineers, security specialists, and more-working to deliver solutions that enable business growth, promote cross-company collaboration, and protect the digital infrastructure that supports The Walt Disney Company's diverse portfolio.

Our team builds the platforms and tools that empower storytellers, streamline operations, and enhance the consumer experience. Whether it's supporting our parks, studios, or corporate functions, we're focused on delivering world-class technology solutions that keep Disney moving forward.

Here's why we think you'll love working here:
• Purposeful Impact: Help safeguard the digital ecosystem that fuels storytelling, magic, and innovation across the company.
• Reach and Scale: Support platforms and systems used across iconic brands like Disney, ABC, ESPN, Marvel, Lucasfilm, and more.
• Innovation and Excellence: Work at the intersection of offensive security, automation, and risk mitigation to solve complex technical challenges.

Job Summary:
We're looking for an Associate Security Specialist to join the Security Assurance team, a part of Disney's Global Information Security (GIS) group. In this role, you'll help simulate real-world cyber threats and support penetration testing and vulnerability assessments across Disney's application and infrastructure landscape. You'll collaborate with technical teams to gather testing requirements, review findings, and track remediation efforts.

This is an exciting opportunity to be part of a team that proactively strengthens Disney's security posture through continuous testing, innovation, and collaboration.

Responsibilities and Duties of the Role:
• Support the execution of application and infrastructure security assessments across various Disney segments
• Meet with application owners to gather system information and access credentials
• Perform vulnerability analysis, brief teams on findings, and support remediation planning
• Conduct troubleshooting sessions and assist in root cause identification
• Maintain detailed tracking of assessment progress, metrics, and status updates
• Assist with automation and process improvement efforts for internal assessments
• Collaborate with engineers and stakeholders to ensure security best practices are followed

Required Education, Experience/Skills/Training

Basic Qualifications
• Proficient in Microsoft Excel (including use of formulas and pivot tables)
• Experience using Jira for project or task management
• Familiarity with RSA Archer or equivalent GRC tools
• Understanding of OWASP Top 10 vulnerabilities and remediation techniques
• Knowledge of penetration testing methodologies and tools
• Familiarity with ArmorCode or similar security platforms
• Strong analytical and problem-solving skills
• Excellent verbal and written communication skills
• Ability to multitask and work independently in a fast-paced environment

Preferred Qualifications
• 2+ years of experience in cybersecurity, information technology, or a related technical field
• Experience supporting offensive security or application security initiatives
• Exposure to Agile or Scrum-based development environments

Required Education
Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Engineering, or a related field, and/or equivalent work experience

The hiring range for this position in Los Angeles, CA is $87,100 - $116,700. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.