Security Compliance Manager

Seattle, WA - US


Job ID: 757470BR
Location: Seattle, Washington, United States
Business: Direct-to-Consumer and International
Date posted: Mar. 17, 2020

Job Summary:

The Compliance Manager will be part of a dynamic and talented team of security experts, assisting in building and executing compliance programs and driving remediation. The person in this role will know how to secure systems and work with auditors to ensure compensating controls are appropriately considered, and will become an advisor and an authority on Cybersecurity and GRC throughout the organization. The role drives strategies across PCI, SOX, GDPR, COPPA and NIST, or similar, to ensure the enterprise is compliant and risk averse due to its secure nature, to include:
  • Define, implement, and execute key programs within the DTCI Cyber Assurance Team that include the following:
    • Remediation Management
    • Management & Regulatory Audit Management
    • SOX Audit Management
    • Controls Assurance Management
  • Manage and monitor both internal and external security related compliance requirements
  • Be a trusted advisor to our business partners
  • Drive continuous process maturity and improvement
  • Remain current with changes in policy, regulations, and technology to understand, communicate, and manage their associated implications to the Company

Responsibilities:

  • Manage security compliance audits and controls testing for the DTCI business unit. Key tasks include:
    • Planning and managing audit meetings
    • Assessing existing controls
    • Remediation management
    • Managing possible inherent and residual risk to the program(s)
    • Communicating necessary audit outcomes and deliverables to internal and external stakeholders
    • Fulfilling audit deliverables on behalf of Cyber Assurance Team
  • Assist with program development and implementation
  • Manage and report upon the status of assigned projects and/or deliverables
  • Support the initiatives and deliverables of the Global Information Security department
  • Identify and help implement areas for improvement (e.g., automation) to increase visibility and coverage; and to further reduce risk
  • Drive strategies to reduce vulnerabilities and manage programs to track and reduce control violations
  • Define formal security standards and practices consistent with enterprise security policy, legal, regulatory requirements, and industry best practices
  • Review, monitor and enable alignment to internal security policies & standards requirements
  • Assess technical controls for PCI, SOX, GDPR, COPPA and NIST, or similar compliance
  • Coordinate with external teams to implement technical controls to bridge Security gaps; e.g. SSO, Encryption, MFA, Patching
  • Identify and establish process improvements, automation and innovation opportunities to simplify, standardize and improve compliance
  • Ensure programs are in compliance with relevant local laws & regulations
  • Participate in key initiatives as the subject matter expert to ensure alignment with Information Security strategies and roadmap
  • Serve as subject matter expert to internal business and IT partners on a range of compliance standards as applicable to the business unit (e.g. SOX 404, PCI, GDPR or similar privacy regulations, etc.) and industry best practices (e.g. ITIL, COBIT, ISO 27001)

Basic Qualifications:

Experience Requirement: 5+ years of related information security experience with demonstrated experience in building, implementing and continuously maturing cyber security compliance programs
  • One or more industry certificates preferred, e.g. CISSP, CISA, CISM, CRISC
  • Proven project management and organizational skills, specifically managing multiple, concurrent projects
  • Demonstrated experience managing large programs across cross-functional teams
  • Demonstrated experience prioritizing competing demands, scoping large efforts, negotiating, and influencing others toward a decided course of action
  • Ability to create and execute project plans and revise as appropriate to meet changing needs and requirements
  • Proven ability to create and maintain effective documentation of policies, processes, and procedures
  • Good understanding of Information System security principles and technologies
  • Knowledgeable about information security risk, governance, and control frameworks such as the ISO/IEC 27000 series, NIST CSF, CSA CCM and PCI DSS
  • Experience with SOX, GDPR, ISO 27001/2 or other comparable audit experience is preferred
  • Able to apply published methodologies and enforce program standards
  • Able to proactively provide status and concerns that may impact the execution of assigned project and/or tasks
  • Able to problem solve and perform necessary research to identify additional options/solutions
Behavioral Attributes: Ability to work in a dynamic, fast-paced, change-oriented environment with limited direction, where the individual actively defines process improvements, champions and drives change initiatives, confronts difficult circumstances in creative ways, balances multiple and competing priorities and executes accordingly
  • Strong leadership skills and demonstrated ability to support cross-functional teams
  • Strong interpersonal, written, and oral communication skills
  • Highly self-motivated and directed professional, with keen attention to detail
  • Excellent analytical, pragmatic problem-solving and decision-making abilities
  • Able to effectively prioritize tasks in a high-pressure environment
  • Experience working in a team-oriented, collaborative environment
  • Must have situational awareness and adjust conversations and approach based on audience
  • Demonstrated customer service and solution-focused orientation

Required Education

  • Education Requirement: Bachelor’s degree or equivalent work experience

About Direct-to-Consumer and International:

Comprised of Disney’s international media businesses and the Company’s various streaming services, the Direct-to-Consumer and International segment aligns technology, content and distribution platforms to expand the Company’s global footprint and deliver world-class, personalized entertainment experiences to consumers around the world. This segment is responsible for The Walt Disney Company’s direct-to-consumer businesses globally, including the ESPN+ sports streaming service, programmed in partnership with ESPN; Disney+, the dedicated streaming home for entertainment from Disney, Pixar, Marvel, Star Wars, National Geographic; and the Company’s ownership stake in Hulu. As part of the Direct-to-Consumer and International segment, Disney Streaming Services, developer of ESPN+ and Disney+, oversees all consumer-facing digital technology and products across the Company.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Disney Streaming Technology LLC, which is part of a business segment we call Direct-to-Consumer and International.

Disney Streaming Technology LLC is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.
