Skip to main content
Search Jobs
What would you like to do?

Where would you like to work?

Governance Risk Specialist

New York, NY - US

Apply Now Apply Later

Job ID 744429BR Location New York, New York, United States Business Disney Streaming Services Date posted Feb. 14, 2020

Job Summary:

This is a key role within the Information Security department that will be focused on governance, risk and compliance for our streaming media service and other supporting applications. This role will assist in efforts to build a unified controls framework that will align with our regulatory and compliance requirements, specific internal security needs, and Disney’s corporate policies and standards. This person will contribute to the risk assessment and management program and develop governance capabilities that are relevant to the streaming services business unit. The candidate must have strong communication, organizational, and analytical skills. Driving awareness of security controls and accountability will be a key functional component of the role. Identifying weaknesses of DSS’s controls and assisting teams in development of mitigating activities is required. Assisting in the building of processes that ensure compliance with policies, standards, and controls that are measurable will also be part of this person’s function. The GRC analyst will lead the development of dashboards and other reporting mechanisms to communicate risk to DSS leadership.


  • Provide consultancy to IT management and team on the security and compliance activities
  • Coordinate internal and external audit work over IT operations and processes; liaise with IT teams in gathering documents and testing related IT controls during audit reviews
  • Perform security risk assessment on potential product/ services and compliance review on implementation
  • Execute internal compliance review to identify IT risks and potential security threats. Report activities toward continuous improvement. Initiate IT security related project/ product evaluation for improvement
  • Follow up with IT teams for any non-compliance issues and coordinate plans for remediation/ mitigation of risks and exposure; review remediation results
  • Assist in Investigating reported security case and follow up with users for any non-compliance issues and coordinate plans for remediation/ mitigation of risks and exposure
  • Enhance, maintain, and communicate the controls framework to accountable and responsible parties.
  • Identify opportunities for controls improvements and compliance reporting efficiency.
  • Report on effectiveness of controls. Generate and communicate dashboards with focus on executive consumable reporting.
  • Assist various teams in the creation of governance processes to maintain compliance.
  • Provide leadership in regulatory compliance activities including PCI, GDPR, and SOX.

Basic Qualifications:

  • At least 2 years of experience in implementation any component of a GRC program
  • Knowledge of PCI
  • Knowledge of GDPR
  • Knowledge of SOX
  • Experience working with internal audit teams
  • Has facilitated or managed audit processes
  • Experience conducting risk assessments
  • Experience developing executive level reporting

Preferred Qualifications:

  • Media industry experience
  • Knowledge of compliance in DevOps or Agile environments
  • Other security experience such as incident handling, architecture, operations, GRC, etc.
  • Cloud technology, specifically AWS
  • CISSP, GIAC, or similar certification
  • CISA

Required Education

  • 4 year degree

About Disney Streaming Services:

Disney Streaming Services is responsible for developing and operating The Walt Disney Company’s direct-to-consumer video businesses globally, including the ESPN+ premium sports streaming service; Disney+, the dedicated streaming home for entertainment from Disney, Pixar, Marvel, Star Wars, National Geographic and BAMTECH Media, a global leader in direct-to-consumer video streaming products and solutions. Our core mission is to deliver global audiences the freedom to access content on their terms across any connected device, time or location. We serve consumers by bringing the world’s most beloved characters, timeless stories, legendary athletes, and epic sporting events to global audiences through best-in-class direct-to-consumer video services. We strive daily to imaginatively challenge convention with innovative technology that gives consumers the freedom to access content on their terms across any connected device, time or location.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Disney Streaming Services, which is part of a business segment we call Disney Streaming Services.

Disney Streaming Technology LLC is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Apply Now Apply Later

Watch Our Jobs

Sign up to receive new job alerts and company information based on your preferences.

For Disney Job Alerts to work, JavaScript must be enabled in your browser.