Director Information Security Officer (ISO) – International
New York, NY - USApply Now Apply Later
Job ID 699499BR Location New York, New York, United States; Burbank, California, United States Business Direct-to-Consumer and International Date posted 22/08/2019
This position requires a strategic leader with strong collaboration skills, detailed working knowledge of IT and Information Security best practices, and familiarity in leading a distributed and matrixed team in effectively managing risks for a complex business environment. This role serves as the process owner of all operational activities related to the ongoing identification, management and reporting of key security risks. The Director, Information Security Officer must be highly knowledgeable about the local business environment and must provide pragmatic security oversight to ensure that it is operating within the risk appetite.
This position may be located in any of the following cities: Bristol, CT; New York, NY; Orlando, FL; Seattle, WA; or Burbank, CA.
- Establish, implement and monitors the cyber risk management program that is appropriate for the regions
- Communicates and ensures programs are in compliance with applicable laws, regulations, policies, and standards
- Coordinates with IT Leadership Team, Corporate and Segment security teams, and Management Audit to facilitate key risk management processes and define acceptable levels of risk
- Collaborate with executive management and department leaders to assess near- and long-term cyber risk management needs
- Participate in key initiatives as the subject matter expert to ensure alignment with Information Security strategies and roadmap
- Serve as subject matter expert to internal business and IT partners on a range of compliance standards as applicable to the business unit (e.g. SOX 404, HIPAA, PCI, privacy regulations, etc.) and industry best practices (e.g. ITIL, COBIT, ISO 27001)
- Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve compliance
- Stay current on market developments to identify emerging security technologies, risks and trends to ensure that computing environment keeps pace with security technology and risk landscape evolution
- 10+ years of experience in information security with demonstrated experience in building, implementing and continuous maturing of leading cyber security operations programs
- 5+ years of management experience that includes overseeing direct reports
- Demonstrated technical abilities across a broad range of technologies: Windows, Linux, relational databases (Oracle, MS SQL, etc.), NGFW, secure web gateways, endpoint security, vulnerability scanners, SIEM, virtualization and cloud computing
- Proven experience and success with managing IT or Information Security risk functions
- Proven experience with IT risk and compliance best practices
- Knowledgeable of information security risk, governance, and control frameworks such as ISO/IEC27000 series, NIST CSF, CSA CCM and PCI DSS
- Proven project management and organizational skills, specifically managing multiple, concurrent projects
- Strong interpersonal, written, and oral communication skills
- Highly self-motivated and directed professional, with keen attention to detail
- Excellent analytical, problem-solving and decision-making abilities
- Able to effectively prioritize tasks in a high-pressure environment
- Strong customer service and solution-focused orientation
- Experience working in a team-oriented, collaborative environment
- CISSP, GIAC GCIA and GIAC GCIH certifications desired
- Bachelor's or Master's Degree in Information Systems, Computer Science or related discipline is highly desired
About Direct-to-Consumer and International:
Comprised of Disney’s international media businesses and the Company’s various streaming services, the Direct-to-Consumer and International segment aligns technology, content and distribution platforms to expand the Company’s global footprint and deliver world-class, personalized entertainment experiences to consumers around the world. This segment is responsible for The Walt Disney Company’s direct-to-consumer businesses globally, including the ESPN+ sports streaming service, programmed in partnership with ESPN; the upcoming Disney-branded direct-to-consumer streaming service; and the Company’s ownership stake in Hulu. As part of the Direct-to-Consumer and International segment, Disney Streaming Services, developer of the ESPN+ and Disney-branded streaming platforms, oversees all consumer-facing digital technology and products across the Company.
About The Walt Disney Company:
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.
This position is with ESPN Technology Services, Inc., which is part of a business segment we call Direct-to-Consumer and International.
ESPN Technology Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
Watch Our Jobs
Sign up to receive new job alerts and company information based on your preferences.