Full Time Job

Lead Security Governance Manager


Burbank, CA 10-06-2023
Apply @ Employer
  • Paid
  • Full Time
  • Senior (5-10 years) Experience
Job Description
The Content Platforms' Content Protection team is looking for a Lead Security Governance Manager to play an influential role in the evaluation and assessment of the vital technology we need to distribute and protect our content. You may be challenged to creatively apply your content protection expertise to rare and complex aspects of distribution agreements with third party licensees. You must also have the ability to operate independently, proactively, and cross-functionally with technical and non-technical teams across the company.

As a Lead Security Governance Manager, you will have the opportunity to deep dive into the content distribution deal negotiation process as well as influence and evolve the content protection policies adopted by TWDC. Your responsibilities include supporting content security reviews for 3rd party distribution deals, identifying and evaluating emerging media distribution platforms and consumption devices, supporting piracy intelligence investigations, and maintaining a ''tear down'' lab. You may also represent TWDC in select industry forums and consortiums.
• Support distribution deals across worldwide distribution channels from a security technology standpoint, in particular as it relates to consumer experience, content protection, and future distribution trends
• Review licensee Technical Questionnaires and follow up as needed
• Hands-on evaluations of third-party media distribution solutions, including streaming video solutions, cable interactive frameworks, IPTV middleware platforms, and physical media
• Hands-on evaluations of new consumer devices, including set top boxes, mobile phones, and media application frameworks
• Hands-on evaluations of content protection solutions, including watermarking, fingerprinting, CAS, DRM, and encryption schemes
• Hands-on evaluations of chipsets components, including CPUs, GPUs, hybrid architectures, and mobile chipsets
• Participate in security reviews, threat modeling, and incident response investigations
• Perform audits such as VPN and geo-filtering effectiveness testing, vulnerability testing on platforms, devices, plug-ins and DRM implementations and effectively communicate results to both technical and non-technical stakeholders
• Design and maintain test cases, scripts and custom test tools for evaluations and VPN testing
• Investigate piracy incidents and collaborate with internal teams to identify source of piracy and block accounts/devices.
• Participates in standard-setting and regulatory activities such as AACS, BDA, DTLA, DCP, DCI, W3C, DVB, China DRM
• Keep technical and non-technical stakeholders abreast of trends, emerging products, delivery solutions, and content protection solutions
• Evaluate and provide security insights on consumer devices, including set top boxes, mobile phones, media application frameworks
• Translate trends into impacts to the current and future business in terms of product offerings, consumer experience and expectations, as well as distribution strategy
• Collaborate closely and effectively with other technology teams across TWDC

Minimum Qualification
• Strong understanding of content protection CAS and DRM solutions ((e.g. Google Widevine, Apple FairPlay Streaming, Microsoft PlayReady, Verimatrix, Nagra, OMA, etc.)), network protocols, delivery platforms, home networking protocols, encryption, digital audio/video, IP-delivered media and all forms of consumer media platforms;
• Strong understanding of mobile operating systems and security environments (iOS/Android).Skilled understanding of Digital Rights Management (DRM) based systems (e.g., Google Widevine, Microsoft PlayReady, Apple FairPlay, etc.).
• Knowledge of video distribution systems (OTT, Cable, Satellite, IPTV, etc.) and consumer devices
• Demonstrated the ability to perform hands-on technology and platforms evaluations;
• Technical expertise in encryption and authentication protocols, and their implementation;
• Experience with information security research, software and/or hardware interrogation, and familiarity with content distribution via the internet.
• Experience with VPN and Geo-filtering effectiveness testing.
• Successfully supported distribution deals across channels and business models;
• Hands-on knowledge of distribution platforms and device chipsets;
• Effectively communicate across all levels of the organization
• 7+ years of experience as a technology manager
• Demonstrated experience with security research tools.
• Informed understanding of network protocols, data delivery and security principles (PKI, RSA, etc.).
• Solid management skills and business acumen.
• Strong interpersonal and communication skills
• Proven track record in delivering complex software projects using a recognized project management methodology (Agile, Scrum, Waterfall, etc.)

Preferred Qualifications
• 7+ years of professional experience in media related engineering and system architecture;
• 7+ years of experience developing consumer facing applications- web, Interactive TV and Mobile;
• 7+ years of experience programming in OO environment (Java, C++, etc);
• 7+ years in systems integration;
• 7+ years building integrated solutions – front end, back end, services
• Demonstrated an ability to influence third party product roadmaps and features;
• Proven track record developing multi-tier applications in Java, .NET or other languages
• Proven track record in creating and consuming Web Services, REST, RSS, SOAP, JSON, OAuth
• First-hand knowledge of industry licensing and standard-setting activities;

The hiring range for this position in Burbank, CA is $124,000.00 to $166,200.00 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

About Disney Entertainment & ESPN Technology:

Disney Entertainment and ESPN Technology (DE&E Technology) provides the technological backbone and product development for Disney's two media business units, while helping to keep the company at the vanguard of innovation – enabling the Company to continuously leverage technology to enhance storytelling and creativity, while delivering scalability, flexibility, and efficiency for its businesses.

This position is with Disney Streaming Technology LLC, which is part of a business we call Disney Entertainment & ESPN Technology.

Disney Streaming Technology LLC is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, sexual orientation, gender identity, disability, protected veteran status or any other basis prohibited by federal, state or local law. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Jobcode: Reference SBJ-g3w034-44-197-101-251-42 in your application.

Salary Details
Salary Range: $124,000 to $166,200 Per Year ($ USD)
Company Profile

The Walt Disney Company Media Networks segment includes cable and broadcast television networks, television production and distribution operations, publishing, domestic television stations, digital businesses and radio networks and stations.