The Walt Disney Company Jobs

Job Information

The Walt Disney Company Security Compliance Manager in Seattle, Washington

  • Manage security compliance audits and controls testing for the DTCI business unit. Key tasks include:

  • Planning and managing audit meetings

  • Assessing existing controls

  • Remediation management

  • Managing possible inherent and residual risk to the program(s)

  • Communicating necessary audit outcomes and deliverables to internal and external stakeholders

  • Fulfilling audit deliverables on behalf of Cyber Assurance Team

  • Assist with program development and implementation

  • Manage and report upon the status of assigned projects and/or deliverables

  • Support the initiatives and deliverables of the Global Information Security department

  • Identify and help implement areas for improvement (e.g., automation) to increase visibility and coverage; and to further reduce risk

  • Drive strategies to reduce vulnerabilities and manage programs to track and reduce control violations

  • Define formal security standards and practices consistent with enterprise security policy, legal, regulatory requirements, and industry best practices

  • Review, monitor and enable alignment to internal security policies & standards requirements

  • Assess technical controls for PCI, SOX, GDPR, COPPA and NIST, or similar compliance

  • Coordinate with external teams to implement technical controls to bridge Security gaps; e.g. SSO, Encryption, MFA, Patching

  • Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve compliance

  • Ensure programs are in compliance with relevant local laws & regulations

  • Participate in key initiatives as the subject matter expert to ensure alignment with Information Security strategies and roadmap

  • Serve as subject matter expert to internal business and IT partners on a range of compliance standards as applicable to the business unit (e.g. SOX 404, PCI, GDPR or similar privacy regulations, etc.) and industry best practices (e.g. ITIL, COBIT, ISO 27001)

Experience Requirement: 5+ years related information security experience with demonstrated experience in building, implementing and continuously maturing cyber security compliance programs

  • One or more industry certificates preferred, e.g. CISSP, CISA, CISM, CRISC

  • Proven project management and organizational skills, specifically managing multiple, concurrent projects

  • Demonstrated experience managing large programs across cross-functional teams

  • Demonstrated experience prioritizing competing demands, scoping large efforts, negotiating, and influencing others toward a decided course of action

  • Ability to create and execute project plans and revise as appropriate to meet changing needs and requirements

  • Proven ability to create and maintain effective documentation of policies, processes, and procedures

  • Good understanding of Information System security principles and technologies

  • Knowledge of information security risk, governance, and control frameworks such as the ISO/IEC 27000 series, NIST CSF, CSA CCM and PCI DSS

  • Experience with SOX, GDPR, ISO 27001/2 or comparable audit experience is preferred

  • Able to apply published methodologies and enforce program standards

  • Able to proactively provide status and concerns that may impact the execution of assigned project and/or tasks

  • Able to problem solve and perform necessary research to identify additional options/solutions

• Behavioral Attributes: Ability to work in a dynamic, fast-paced, change-oriented environment with limited direction, where the individual actively defines process improvements, champions and drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities, and executes accordingly

  • Strong leadership skills and demonstrated ability to support cross-functional teams

  • Strong interpersonal, written, and oral communication skills

  • Highly self-motivated and directed professional, with keen attention to detail

  • Excellent analytical, pragmatic problem-solving and decision-making abilities

  • Able to effectively prioritize tasks in a high-pressure environment

  • Experience working in a team-oriented, collaborative environment

  • Must have situational awareness and adjust conversations and approach based on audience

  • Demonstrated customer service and solution-focused orientation

  • Education Requirement: Bachelor’s degree or equivalent work experience

The Compliance Manager will be part of a dynamic and talented team of security experts, assisting in building and executing compliance programs and driving remediation. This role will know how to secure systems and will work with auditors to ensure compensating controls are appropriately considered. This role will become an advisor and an authority on Cybersecurity and GRC throughout the organization, driving strategies across PCI, SOX, GDPR, COPPA and NIST, or similar, to ensure the enterprise is compliant and risk averse due to its secure nature. Responsibilities include:

  • Define, implement, and execute key programs within the DTCI Cyber Assurance Team that include the following:

  • Remediation Management

  • Management & Regulatory Audit Management

  • SOX Audit Management

  • Controls Assurance Management

  • Manage and monitor both internal and external security related compliance requirements

  • Be a trusted advisor to our business partners

  • Drive continuous process maturity and improvement

  • Remain current with changes in policy, regulations, and technology to understand, communicate, and manage their associated implications to the Company

Job ID: 757470BR

Location: Seattle, Washington

Job Posting Company: Direct-to-Consumer and International

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.
