Job ID 483804BR
The Global Information Security (GIS) Operations team is looking for a passionate security professional to help protect the magic! We’re serious about protecting our assets, infrastructure and most importantly, company and customer data.
The Senior Security Specialist will be responsible for the maintenance, operation and integration of network and security tools to detect suspicious and hostile activity that would jeopardize the integrity of information systems. You will assist in the evaluation, research and development of computer and network security tools and implementation plans. This will require practical use and understanding of advanced security protocols, standards, and a solid knowledge of information security principles and practices. You will work closely with security team members, infrastructure engineers, information and system administrators to ensure mitigation of all activity detected. Coordinate cross-functional team meetings to remediate previously identified security risks and close out pending action plans.
Participate in 24x7 on-call rotation.
Perform Service Delivery of Security Operations Infrastructure:
- Support of TWDC Data Loss Prevention, product management, upgrades and reporting for both on-prem and cloud solutions.
- Support of TWDC endpoint security solutions, product management, upgrades and reporting for both on-prem and cloud solutions
- Supports systems security requirements, operational requirements, test and evaluation, integration and tuning of system security appliances, applications, and tools.
- Recommends and implements security policies and procedures as a result of in-depth research of potentially harmful threats to the organization's IT infrastructure.
- Provide coordination for security event detection, identification and resolution.
- Develop technical security standards to support policies including assisting in creating and coordinating security monitoring standards and incident investigation procedures.
- Engage with cross-functional teams in the design and implementation of security projects and initiatives
- Assist with the development of metrics and scorecards in support of the information security program for quarterly and annual Information Security reports to executive management
Perform Security Analyst Functions:
- Review proposed change control requests to ensure proper alignment with TWDC policies, standards and guidelines
- Maintain responsibility for incident confirmation, response, data collection, investigation, and analysis.
- Issue, follow up, resolve or drive resolution of open security event tickets.
- Respond to computer security breaches and viruses
- Support investigations with respect to forensics (including disk, email and web history)
- In conjunction with the Application Service Owner, Network Operator, provide IT security input on projects and other formal work groups and committees
- Promote awareness of applicable security policies and standards
- Implement or coordinate remediation required by audits, as necessary
- Collate security event data to produce monthly exception and management reports.
- Respond to and, where appropriate, resolve or escalate reported security incidents.
- Stays up to date on new software/hardware reaching the market and how security policies apply.
- At least five (5) years of relevant work experience with three (3) years of practical information security experience.
- Expert level experience managing security tools.
- Experience tuning, improving and devising new ways to collect, signal, and identify suspicious events in an operational production environment.
- Experience working in an operational capacity, with expertise in at least one of the following areas: server, network, cloud, database
- Experience working with Enterprise SIEM, log sources, incident escalation
- Experience in information management and information technology security design and implementation.
- Experience with log or data analysis, extracting salient data points to improve detective capabilities.
- Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as TCP/IP, MFA, and network routing and switching.
- Experience working with multiple operating systems to include Linux, Windows, and OS X.
- Intermediate knowledge/coding skills in Python or similar.
- Ability to manage multiple priorities and work effectively in a fast-paced, high volume, results driven environment.
- Ability to rapidly assess a situation and identify, isolate and communicate problems and issues.
- Excellent communication skills (both oral/written) including ability to clearly communicate risks and risk management issues to technologists and non-technologists.
- Participate in 24x7 on-call rotation.
- One or more senior Information Security certifications (e.g. CISSP/GIAC) preferred.
- Experience in Symantec, or other Data Loss Prevention tools/products supporting a large enterprise preferred.
- Advanced scripting/coding skills preferred.
- Bachelor’s Degree in Computer Science, Computer Engineering/Information Systems or equivalent experience