Sr Security Specialist, CAT
At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.
The Disney Technology Solutions and Services (DTSS) organization provides scalable, reliable enterprise-wide networks and computing platforms to all of the Disney businesses through integrated service aggregation from multiple internal and external providers. DTSS is guided by the principles of being service focused and easy to do business with, being biased for action and innovation, and being efficient through leverage and continuous improvement.
The primary purpose of this position is to coordinate the corrective actions defined in remediation plans, results of penetration tests, and post incident eradication work and drive those actions to resolution. This is a key role responsible to track all outstanding corrective actions and partner with appropriate remediation team to ensure actions are completed on schedule. The corrective actions will be identified by other TWDC entities; however, it will be the responsibility of the corrective action governance team to ensure awareness and completion by the owners occurs within the prescribed timelines. Strong project management skills and collaboration capabilities will be required to ensure resolution of these gaps in a matrix environment. Developing metrics will be critical to show effective progress and status.
- Knowledge of laws, regulations, and industry requirements related to Information Security (i.e. EU Safe Harbor Directive, Payment Card Industry, Domestic and International Privacy regulations)
- Working knowledge and experience with diverse IT architectures and enterprise IT data centers, external hosted services and cloud computing environments. Knowledge and experience with physical and virtual server configurations and implementations.
- Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. COBIT, CIS Baselines, NIST, vendor security technical implementation guides, etc.).
- Extensive project/program management and prioritization skills
- Expert level Technical support experience
- Experienced in security, operations, and audits including but not limited to SSAE16, EU Safe Harbor, PCI, SOX
- Experience working with perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.) and security tools (i.e. web application scanners, vulnerability scanners, file integrity monitoring, configuration monitoring, etc.).
- Ability to build and maintain constructive working and communications relationships with a diverse community of technical and non-technical audiences.
- Ability to articulate IT compliance requirements and design IT controls frameworks.
- Excellent planning and organization skills. Ability to focus/align tasks around critical initiatives in a time effective manner.
- Ability to coach and develop junior staff including basic quality review of work of others
- Excellent verbal, written, and presentation skills.
- Ability to develop and deliver presentations providing internal training on compliance matters.
- SharePoint administration, Excel, PowerPoint
- Ability to work in large global environments spanning multiple time-zones.
- Proven track record of successfully managing and implementing programs and projects.
- High standard of performance, attention to detail and commitment to excellence
- Thorough, good follow up and follow thru
- Demonstrated initiative and good judgment
- Self-starter with leadership skills and the ability to manage multiple tasks concurrently
- Strong analytical, organizational and decision-making skills
- 5+ years of IT security and/or IT compliance or IT technical support experience
- 3+ years of program and project management experience
- Expert level of organizational skills working within a matrix organization.
- Strong negotiation skills
- Ability to travel as required
- PMP, ITILv3, CPA, CIPT, CISSP, CISA, CISM
- 4 year degree in Computer Science, Risk Management, Information Assurance
- Master's degree in computer science or related field is preferred
At Corporate, you’ll team with the best in the business to build one of the most innovative global businesses in any industry. Uniquely positioned at the center of an exciting, multi-faceted Company, the forward-thinkers at Disney Corporate constantly pursue new ideas and technologies to help the Company’s many businesses drive value, all the while gaining something valuable from the experience themselves. Come see the most interesting Company from the most interesting point of view.
- This position is a legal entity of The Walt Disney Company, an equal opportunity employer.