Skip to main content

Sr Security Specialist - Consumer Identity Security

Celebration, Florida, United States / Burbank, California, United States

Apply NowApply Later


Job ID 958490BR Location Celebration, Florida, United States / Burbank, California, United States Business The Walt Disney Company (Corporate) Date posted May. 03, 2022

Job Summary:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world — a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.

In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology.

This process includes:
1. Analysis of known and emerging threats to determine risks against TWDC assets.
2. Creation, maintenance, governance and communication of security policies and standards across TWDC.
3. Assessment and audit of compliance against the security policies and standards.
4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria.
We are looking to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security, and love their work.

Responsibilities:

The Sr. Security Specialist, Consumer Identity Security (CIS), will be primarily responsible for driving the governance and risk remediation & reporting components of the overall Consumer Identity Security program. This includes:
  • Drive the creation and maintenance of the CIS risk reporting and gap remediation programs, as well as establish governance processes around these programs.
  • Define and maintain program risk metrics for measurement, including owning regular reporting against such metrics to key stakeholders in various forums.
  • Partner closely with CIS Identity Controls Assurance program to follow identified gaps/issues through to remediation, hold key stakeholders accountable, and report on risk impact.
  • Independently manage any coordination needed to understand current state of controls assurance, coordinate with stakeholders on remediation, and follow remediation progress to accurately depict state of risk.
  • Partner with our Global Information Security (GIS) service providers/partners to define procedures for appropriately identifying and tagging all consumer identity-related gaps/issues identified by those teams. Maintain governance around this process, including partnering with teams to modify tagging, when needed, and ensuring all tagged gaps are relayed to CIS team for tracking/reporting.
  • Own entire gap remediation process end-to-end for each IdP ecosystem, including all CIS-identified gaps and any consumer identity-related gaps identified by partner teams in GIS. This includes leading meetings, reviewing any necessary documentation to validate remediation, and reporting on progress and risk for control findings, vulnerabilities, compliance gaps, etc.
  • Manage multiple risk remediation, governance and reporting tasks simultaneously on tight deadlines.
  • Provide knowledge of information security concepts, principles and common policies/standards.
The Sr. Security Specialist, Consumer Identity Security, is an independent role, primarily responsible for leading the execution of the gap remediation and risk reporting components of the CIP program. This role will serve as a secondary support to the Identity Controls Assurance Program. Responsibilities entail owning the formulation of gap remediation tracking approaches, processes, tooling, documentation, reporting and summarization of consumer identity-related risks and gaps. This role will require partnership with CIS team members executing identity controls assurance assessments enterprise-wide, understanding of their identified gaps and agreed-on remediation strategies, and coordinating with responsible parties to follow those gaps through to remediation. It’s expected that this role will build solid partnerships with other GIS teams identifying consumer identity-related gaps and work with them to consolidate such gaps, pursue those through to remediation, and report on progress. This role will also provide support to the Sec Arch & Engineering and Data Teams under the CIP program in overall risk metric reporting and integration into the GIS Risk Scorecard.

Basic Qualifications:

Work Experience:
  • Minimum 3 years in security or technology organizations with demonstrable experience in performing compliance and/or risk assessments, documenting results, identifying remediation activities, following progression on issue remediation, and reporting resulting risk(s).
  • Minimum 3 years demonstrable experience related to IT governance, risk management and reporting.
  • Minimum 2 years in an identity management related area of expertise.
  • Prior experience in a consumer identity or consumer data discipline.
Skills / Specialized Knowledge/Competencies:
  • Knowledge in information security, privacy, and/or data protection, as well as information security standards, practices, and regulatory requirements.
  • Demonstrated understanding of risk measurement procedures and methodologies.
  • Ability to report on progress of gap remediation and communicate resulting risk stories.
  • Broad knowledge of common security programs and services: vulnerability management, risk assessments, security architecture reviews, penetration testing, etc.
  • Ability to multi-task, re-prioritize, provide status, and work without direct supervision.
  • Excellent communication, time-management and organization skills.
  • Demonstrated experience with JIRA.
  • Comfortable working with a varied audience, including senior executives, contractors, technical engineers, program managers, etc.
  • Experience with a BI Tool (e.g. Tableau).
Licenses / Training
  • CISA or CISM
  • CISSP or equivalent

Required Education

  • BA/BS in business, management information systems, computer science or equivalent work experience.

Additional Information:

DISNEYTECH
#LI-CM1


About The Walt Disney Company (Corporate):

At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Disney Worldwide Services, Inc., which is part of a business we call The Walt Disney Company (Corporate).

Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Apply Now Apply Later

Watch Our Jobs

Sign up to receive new job alerts and company information based on your preferences.

For Disney Job Alerts to work, JavaScript must be enabled in your browser.