Manager Security Engineering and Risk Advisory
Burbank, California, United States; Lake Buena Vista, Florida, United StatesApply NowApply Later
Job ID 803877BR Location Burbank, California, United States; Lake Buena Vista, Florida, United States Business The Walt Disney Company (Corporate) Date posted Jun. 16, 2021
Job Summary:At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets
- Creation, maintenance, governance and communication of security policies and standards across TWDC
- Assessment and audit of compliance against the security policies and standards
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
Responsibilities:The Manager, Security Engineering and Risk Advisory will focus on advising and onboarding business areas across Disney Parks, Experiences, and Products (DPEP) to our enterprise security program. The manager will be responsible for integration with technology leaders in many of the 16 different business areas within DPEP, participating in technical planning and design to ensure alignment with security standards and policies. The manager also will work closely and drive integration with functional partners within the DPEP cybersecurity team as well as the enterprise security team. This role will likely work closely with partners located outside the U.S.
Responsibilities of the Role:
- Partner with multiple DPEP Solutions Engineering teams to successfully integrate and implement DevSecOps and secure coding standards into application development.
- Ensure that clear and measurable security requirements are available and consistently met and/or exceeded within DPEP Applications.
- Participate in technical planning and design to ensure alignment with security standards and policies.
- Shepherd the implementation of end-to-end security tollgates for application development.
- Streamline operational processes for efficiency and effectiveness.
- Adopt GIS risk index/KPIs into DPEP business units to move from coverage-based to risk-based security program.
- Lead a team of cybersecurity professionals providing security consultation, services, and solutions to protect the value and use of Disney’s information.
- Conduct analyses of systems to understand limitations and weaknesses. Identify cybersecurity gaps that need to be addressed.
- Advise senior leadership on minimizing new threats and vulnerabilities.
- Work closely and communicate effectively with business leaders and executives at all levels.
- 5+ years of experience in information security management and/or related functions demonstrating progressive leadership experience in cybersecurity.
- Demonstrated success within the following areas of cybersecurity:
- Application Security SDLC
- Data Security
- Penetration Testing
- Advance Threat Detection & Monitoring
- Automation & Machine learning
- Security Operations & Threat Hunting
- Experience managing geographically dispersed teams of experienced and technical employees (internal & outsourced).
- Up-to-date knowledge of information security issues, trends, and leading practices
- Expertise in security tools, policy development, and defensive protocols
- Proactive technologist who is able to diagnose security issues and determine the path forward with little direct supervision
- Strong relationship building skills with the ability to create trusted, transparent relationships across all levels of the organization
- Proven ability to effectively communicate security-related concepts to a broad range of technical and non-technical audiences, including senior executives
- Demonstrated ability collaborate with and influence a wide variety of partners to effectively deliver results
- Strong leadership skills with the ability to engage and lead direct reports through change
- Familiarity with Disney systems and processes
- In-depth knowledge of regulatory environment (Sarbanes-Oxley, HIPAA, PCI, PPI, GDPR, Data Privacy, Safe Harbor and other regulations)
- Disney experience is strongly preferred
- DPEP experience is preferred (especially with technologies in WDI, FOS, and other parts of the business)
- Licenses / Training: CISSP, GCIH, CISM, CISA, and CEH certifications are preferred
- Bachelors in Computer Science, Business Administration, and/or Information Systems
- Master’s in Computer Science, Business Administration, and/or Information Systems
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status or any other basis prohibited by federal, state or local law. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.