Information Security Manager, Architecture & Engineering
Burbank, California, United StatesApply NowApply Later
Job ID 829752BR Location Burbank, California, United States Business The Walt Disney Company (Corporate) Date posted Jul. 20, 2021
Job Summary:The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
1. Analysis of known and emerging threats to determine risks against TWDC assets
2. Creation, maintenance, governance and communication of security policies and standards across TWDC
3. Assessment and audit of compliance against the security policies and standards
4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We look add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.
The IT Security Architecture & Engineering team develops and guides technology risk management in collaboration with teams across the company to enable responsive, secure and cost effective solutions. We are a highly versatile and technical team, gleaning from network engineering, application security, architecture, risk assessment and control alignment. We are a team of security pros that are here to:
- Evaluate solutions and architectures to assess qualitative and quantitative risk
- Identify solutions to reduce risk and enhance our prevention and detection capabilities
- Conduct Threat Modeling
Responsibilities:The Manager, Information Security Architecture is responsible for evaluating a myriad of deployment scenarios, services, models and technology to ensure they are secure across the Walt Disney Company (TWDC). This role is highly versatile and gleaning from network engineering, application security, compliance, data, cloud and DevSecOps. This individual is responsible for providing leadership and guidance on the adherence to and implementation of the Company’s Information Security Policy and Standards (ISPS). Additionally, the individual will organize and facilitate various information security meetings and task forces across TWDC stakeholders to support our strategic programs. The position will report to Information Security Architecture & Engineering executive leadership.
- Lead, manage and deliver against our catalog of services including, but not limited to Risk Assessments, Security Positions and Advisory Services, by, or with the team.
- Partner with Information Security Architecture & Engineering leaders to define and mature our service offerings that aligns resources, processes, and communications across IT and business teams.
- Provide project leadership and guidance for selected projects or strategic programs during the planning, execution, delivery and wrap-up phases.
- Engage GIS, Enterprise Technology, and segment IT teams to ensure cross organizational activities and initiatives support and or align to SecArch&Eng team functional services and processes.
- Ensure processes are known, documented and properly performed to produce consistent, timely, high quality deliverables.
- Engage and track lessons learned and best practices towards continuous improvement.
- Assist with drafting proposals, and determining potential revisions or additions to existing services.
- Prepare and submit reports as needed to leadership (status, metrics).
- Assist in SecArch&Eng strategy and planning efforts per the fiscal year goals and objectives, and ensure alignment with GIS global strategy and TWDC business objectives.
- Partner with Information Security Architecture & Engineering leaders to track and improve operations efficiency, effectiveness and coverage. Continuously analyze and enhance team operations and domain risk metrics to assure relevance and support the achievement of goals.
Basic Qualifications:Minimum 10 years in technology organizations with 5-7 years of success leading a security discipline within large organizations.
- Demonstrated experience in information security, privacy or a data protection-related function
- Proven understanding of information security risk assessment and risk management procedures and methodologies.
- Ability to correlate enterprise risk with appropriate administrative, physical and technical security controls.
- Strong knowledge of information security principles, standards, practices and technologies
- Strong knowledge of industry and regulatory requirements (i.e., PCI, SOX, Safe Harbor)
- Proven strong background in IT Security and Operational processes
- Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. COBIT, CIS Baselines, NIST, vendor security technical implementation guides, etc.)
- Demonstrated experience leading work of others
- Demonstrated strong organizational skills with attention to detail
- Proven ability to achieve results in a fast moving, dynamic environment
- Ability to develop strong working relationships
- Ability to multi-task and meet deadlines.
- Excellent communication, problem-solving and decision-making skills
- Practical use and understanding of advanced security protocols and standards, and solid knowledge of information security principles and practices as well as latest scalable technologies
Preferred Qualifications:Prefer one of the following certification: CISSP, CISM, CISA or equivalent
Required EducationBA/BS in business or computer science or appropriate work experience
Preferred EducationMasters or other advanced degree preferred
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status or any other basis prohibited by federal, state or local law. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.