Director, Information Security Architecture
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We are here to protect the brand and reputation while enabling and supporting the business units. GIS teams are located in Seattle, Glendale, and Orlando.
We leverage a common, streamlined, agile and documented engagement model to gain efficiencies, increase visibility and ensure we are doing the most valuable work. This is a highly involved leadership position and we want to add people to our team who are also responsive to change, focused on delivery, continuous learners, passionate about security and love their work.
Our mission includes:
- Analyzing threats and risks
- Setting and managing security policies and standards
- Assessing compliance
- Assuring effective and efficient operations
The IT Security Architecture team develops and guides technology risk management in collaboration with teams across the company to enable responsive, secure and cost effective solutions. We are a highly versatile and technical team, gleaning from network engineering, application security, architecture, risk assessment and control alignment.
We are a lean team of security specialists that are here to:
- Evaluate solutions, architectures and processes to assess risk
- Identify solutions to remediate risk
- Support Third Party Assessments driven by Compliance
- Participate in and drive technology projects
- Work with BUs to ensure security services are integrated with their solutions
The Director, Security Architecture is responsible for providing leadership and guidance on the adherence to and implementation of the Company’s IT security policies and controls. The individual will also be responsible for promoting IT security policies, practices and decisions through the consulting services offered by the team. The position will report into the Vice President, Information Security Architecture.
The Director will develop strategic plans synergistic with Global Information Security to build IT security systems and processes that maximize IT security risk management opportunities and drive long-term effectiveness across the enterprise. This position serves as the technical expert, advisor and strategist for the development, standardization, deployment, and delivery of Disney’s enterprise-wide Information Security technical consulting work and architecture artifacts (Risk Assessments, Threat Models, Recommendations and Position Papers). This position will analyze best practices, strategy and services while overlaying these with business needs and identifying opportunities for efficiency and enhanced security.
The Director also represents Information Security Architecture on various working groups. This role leads and develops others technical curiosity, careers and deliverables while leading by example through hands-on engineering consulting and relationship development across the Segments of TWDC.
- Enable strategic business objectives and risk management through the evaluation, investment and delivery of the following services:
- Architecture Review & Design
- Risk Assessment
- Reference Architectures and Implementation Guidance
- Security Viewpoints & Security Recommendations
- Tool Evaluation
- Evaluate new solutions and services, provide a point of view on whether the technology meets our enterprise requirements of not for consumption across technical and non-technical audiences
- Review, refine and inspire pragmatic and accurate documentation
- Build and foster strong relationships with peers and partner groups in Enterprise Technology and our business units
- Collaborate closely with peers, direct and partner groups in Enterprise Technology and our business units as well as 3rd party providers
- Accountable for the on time and on budget delivery of multiple concurrent projects and/or programs
- Ensure Program Management office has timely, clear, accurate accounting of team work and delivery
- Advise and assist executive leadership on strategies, processes and investments
- Maintain a strategic framework for guiding year-over-year security investment decisions, defined with sustainable metrics for measuring performance and outcome
- Represent Security Architecture work to Interlock and Corrective Action Team processes
- Collaborate closely with multiple indirect reports and peers from partner groups including Enterprise Architecture and Enterprise Technology; as well as close partnership with other security teams with interdependent services including Security Operations, Governance, Risk, Compliance and Application Assurance
- Deliver on and influence strategic roadmaps in alignment with GIS objectives
- Influence technical direction through partnerships and relationships across The Walt Disney Company
- Develop and execute technical strategy to align with Functional, Domain and Segment plans to achieve key objectives
- Build and retain a high performing team capable of adapting to a rapidly changing technology and threat landscape
- Manage and mentor direct and indirect reports to excel in the quality, delivery and engagement of their work
- Build and manage financial plans and operating budgets for IT Security Architecture
- Provide active and frequent coaching
- Seek coaching and active feedback from peers and leadership
- Lead positive change efforts by guiding the team and customers through, awareness, buy-in, commitment and acceptance, resulting in enhanced business performance
- Ensure the team is delivering on projects and commitments
- Promote a “one team” culture through collaboration and teamwork
- Ensure work is prioritized and team is clear on expectations for quality, timeliness and accuracy
- Lead with practicality and wisdom in the midst of competing priorities and diverse personalities
- Minimum 15 years in technology organizations
- 10+ years of success leading a security discipline within large organizations
- Proven technical knowledge to enable efficient team management
- Proven record of delivering business critical projects within challenging time frames, multiple stakeholders groups and competing priorities
- Demonstrated experience in information security, privacy or a data protection-related function
- Proven understanding of information security risk assessment and risk management procedures and methodologies
- Ability to correlate enterprise risk with appropriate administrative, physical and technical security controls
- Strong knowledge of information security principles, standards, practices and technologies
- Strong knowledge of industry and regulatory requirements (i.e., PCI, SOX, Safe Harbor)
- Proven strong background in IT Security and Operational processes
- Require one of the following certification: CISSP, CISM, CCSP, CISA, GSEC
- BA/BS in business or computer science or bachelors and appropriate work experience
- Masters or other advanced degree
At Corporate, you’ll team with the best in the business to build one of the most innovative global businesses in any industry. Uniquely positioned at the center of an exciting, multi-faceted Company, the forward-thinkers at Disney Corporate constantly pursue new ideas and technologies to help the Company’s many businesses drive value, all the while gaining something valuable from the experience themselves. Come see the most interesting Company from the most interesting point of view.
Additional InformationThis position is a legal entity of The Walt Disney Company, an equal opportunity employer.