Senior Application Security and Compliance Specialist
Burbank, CA - USApply Now Apply Later
Job ID 658099BR Location Burbank, California, United States Business The Walt Disney Company (Corporate) Date posted 15/04/2019
Job Summary:At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.
The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. The Enterprise Technology organization drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.
This role is part of the Enterprise Business Systems (EBS) organization. Our mission is to provide business technology solutions for the enterprise that empower growth, and enhance value across brands, geographies and organizations.
The Application Support and Operations group is part of the EBS organization. We are responsible for excellence in operating business systems and processes in support of the enterprise. We lead with a culture of continuous improvement, innovation and automation.
Responsibilities:We look to add team members who are focused on delivery, passionate about customer service, make data-driven decisions, are life-long learners, and prefer to work in a high-tempo, problem-solving work environment.
The Sr. Application Security & Compliance Specialist is a security expert, who drives decisions based on risk and business impact. The role is part of the EBS Security & Compliance team, focused on application security, compliance, issue management, data privacy and controls assurance. This role will focus on ensuring EBS systems are built to, and remain compliant against, the security standards of The Walt Disney Company. This role will support the EBS “Security by Design” initiative, partnering with stakeholders to identify and drive improvements in the software development lifecycle across the portfolio. In addition, this role is part of the team responsible for the compliance of the EBS portfolio, partnering with service line owners to ensure regulatory and industry statues are met.
Your responsibilities will include:
- Enhancing the security profile of the EBS application portfolio through the recommendation and implementation of appropriate security and privacy controls, conducting periodic security assurance audits and taking a continuous improvement approach to security.
- Define and manage the issue managment program for EBS and be a security subject matter expert to engineering teams in remediation of identified security issues.
- Ability to understand on premise, SAAS and Cloud software architecture patterns, security DevOps practices, and recommend the best practice security controls to engineering teams.
- Acting as the application security focal point for periodic regulatory, industry and TWDC audits, working with auditors and technology partners to validate compliance
- Analyzing the state of security within an assigned portion of the EBS portfolio, producing finding reports and developing roadmaps to address challenges
- Partnering with Application owners to address security & compliance needs. The Sr. Specialist is expected to analyze and recommend solutions.
- Contributing to the development and implementation of comprehensive best practices across the application security discipline, institutionalizing, measuring and monitoring the effectiveness of security controls across the EBS portfolio.
- Partnering with the Application Security Architect in establishing “Security by Design” into all new services, while assessing and driving security enhancements across EBS applications and projects.
- Leveraging the EBS Security Assurance program, extending beyond traditional Compliance into security effectiveness and continuous assessment.
- Identifying and eliminating manual processes through the use of automation, especially in the areas of Compliance.
- Partnering with the Global Information Security team and segment peers in the spirit of partnership and on-going professional development.
- Minimum of 8 years in IT security in an environment of similar size/complexity
- 3+ years experience operating in an application development environment, with emphasis in agile development
- 3+ years experience in compliance management within a regulated environment (SOX, GDPR, HIPAA)
- Must have thorough knowledge of information security components, principles, practices, and procedures.
- Strong knowledge of industry and regulatory requirements (i.e., SOX, GDPR, HIPAA)
- Must have strong knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
- Requires one of the following certifications: CISSP, CISM, CISA or equivalent
- 4+ years experience in Secure Software development, with experience in a Continuous Integration / Continuous Deployment / DevOps environment is preferred
- Strong knowledge of penetration testing, Red Team exercises and security assessment is highly desirable.
- Bachelor's Degree in Computer Science, Information Systems, Engineering, or related technical field
About The Walt Disney Company (Corporate):
At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).
Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Watch Our Jobs
Sign up to receive new job alerts and company information based on your preferences.