Sr Security Specialist, Compliance

Job Posting Title: Sr Security Specialist, ComplianceReq ID: 10111858Job Description:This is not a remote role. Must be local or be willing to relocate to one of the hubs (Burbank, NYC, Orlando or Seattle)At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.The Global Information Security (GIS) group provides services to protect the value and use of Disney’s information through collaboration, standardization, enforcement, and education across Disney. The main focus areas of this group are:Reduce the risk of both accidental and malicious data disclosureIdentify, monitor, engage with complete inventory of informationEstablish appropriate policies and procedures to be followedEducate user community to minimize riskTeam Description:The GIS Compliance team oversees ongoing security programs to evaluate the health of Disney’s control environment. These programs include external audits, internal control validation, third party assessments, and ongoing consulting. The department is responsible for understanding and interpreting regulated controls and assessment requirements (Payment Card Industry, SOX, General Data Protection Regulations, Third Party Assessment) for Disney. We are looking for a Sr Security Compliance Specialist to come and help us with these efforts.Responsibilities:Manage security compliance assessment scheduling/planning, scoping, and executionMeasure security compliance with both external requirements and internal policies and standardsIdentify and justify key control attributes for testingConduct informational walkthroughs to clarify processes and architecturesObtain artifacts to support the assessment of security controls and procedures, using a robust “trust but verify” approachPresent assessment findings and recommendations to management, concluding on the effectiveness and efficiency of control mechanisms, while documenting all aspectsAdvise IT, Segment, and business partners on security-related risks and control weaknesses. For identified security gaps, contribute to performing business impact analyses and determining appropriate remedies that minimize security threatsArticulate the elements of effective and sustainable control design to IT and business partnersDesign and implement continuous control monitoring mechanisms, collaborating with business partners to source and interpret data that reflects the current state of the control environmentFacilitate the collection of control attestations and questionnaires for targeted controls & systemsManage inventories, track remediation efforts, and oversee compensating controlsStay abreast of compliance and assessment trends within Disney, at suppliers, and from legislators and regulatory bodiesRequired Qualifications & Skills:5+ years of experience in IT audit, IT security, and/or compliance within a large enterprise organizationValidated experience leading audits/assessments with complex environmentsStrong demonstrated experience with PCI, SOX, etc.Solid experience interpreting and auditing external security regulationsAbility to grasp underlying technology stacks and document end-to-end service delivery flowsGood organizational, analytical, and problem-solving skills - balancing multiple priorities under tight deadlinesExcellent written, verbal, and visual communication for partners (internal & external) in all roles and levels – with an ability to establish credibility and coordinate partnerships across varying business segmentsBachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experiencePreferred Qualifications:Master’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of studySecurity certification (CISSP, CISA GSEC), and/or other comparable certification/sPrior experience working within a global media entertainment organization#DISNEYTECH The hiring range for this position in Burbank CA is $112,600 to $151,000 per year. and in New York NY & Seattle WA is $118,000 to $158,200 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.Job Posting Segment: Enterprise TechnologyJob Posting Primary Business: Corporate Global Information SecurityPrimary Job Posting Category: Security GovernanceEmployment Type: Full timePrimary City, State, Region, Postal Code: Burbank, CA, USAAlternate City, State, Region, Postal Code: USA - FL - Kirkman Point 1, USA - NY - 7 Hudson Square, USA - WA - 925 4th AveDate Posted: 2025-02-07

Apply for the job now!

Apply for this job