This website uses cookies to ensure you get the best experience. Learn more
The Walt Disney Company

Senior Security Specialist Correction Action

Job Summary:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.

In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
  • Analysis of known and emerging threats to determine risks against TWDC assets
  • Creation, maintenance, governance and communication of security policies and standards across TWDC
  • Assessment and audit of compliance against the security policies and standards
  • Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We look add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are

Continuous learners, passionate about information security and love their work.

Responsibilities:

The Corrective Action Team (“CA Team”) provides TWDC Enterprise with Remediation Assurance Services (“RAS”) for Information Security Control Failures that are critical or high risk to TWDC

  1. Monitoring Service: The CA Team monitors the existence of IT Security Control failures from the CA Team’s engagement point – based on control requirements and priority – to the remediation plan’s closure.
  2. Escalating Service: The CA Team uses a progressive escalation process that ensures that all Executive Owners are fully informed on the status of each overdue remediation plan for an identified Information Security Control Failure. The process includes two steps:
    1. Define the communication channel based on the segment’s (Line of Business) functional owners, the responsible segment (Line of Business) ISO, Global ISO and ultimately the TWDC Technology Decision Makers Matrix.
    2. Begin targeted communication to executive leadership for assistance in meeting the agreed upon remediation target.
  3. Consulting Service: The CA Team will provide expertise and direction to assist line of businesses with meeting remediation goals.
  4. Management Audit Service: Corrective Action Team provides proactive management using standardized communication and workflow procedures that increase accountabilities efficiencies for all enterprise audits with security related findings- except those preformed under an Attorney Client Privilege designation.
  5. Systemic Evaluation Service: The CA Team will aggregate and analyze vulnerability instances and create trending based on root cause analysis and metrics.
  6. Reporting Service: The CA Team delivers four reporting packages to its core customers.
    1. Domain reports
    2. Segment specific reports
    3. Leadership ad hoc reports
    4. Systemic evaluation reports

Basic Qualifications:

  • Typically 8-15 years
  • In depth knowledge Information Security control Framework
  • Project Management experience
  • Experience with security tools (firewalls, anti-virus products,. Vulnerability scanners)
  • Excellent verbal and written skills
  • Savvy communication methods for interacting with Executive Staff
  • In-depth knowledge of vulnerability management practices.
  • Competent Data analysis capability
GIAC Strategic Planning, Policy and Leadership (GSTRT), SANS • SANS Security Awareness Profession (SSAP), SANS • Certified Information Systems Security Professional (CISSP), ISC2

Preferred Qualifications:

  • 15+ years work experience in Security Engineering
  • In depth knowledge Information Security control Framework
  • Project Management experience
  • Experience with security tools (firewalls, anti-virus products,. Vulnerability scanners)
  • Excellent verbal and written skills
  • Savvy communication methods for interacting with Executive Staff
  • In-depth knowledge of vulnerability management practices.
  • Competent Data analysis capability
GIAC Strategic Planning, Policy and Leadership (GSTRT), SANS • SANS Security Awareness Profession (SSAP), SANS • Certified Information Systems Security Professional (CISSP), ISC2 • Certified Ethical Hacker (CEH), EC Council • Certified Network Defense Architect (CNDA), EC Council • Security +, Comp TIA • ITIL Practitioner Release and Control

Required Education

BA/BS in business or computer science or equivalent work experience

Additional Information:

DISNEYTECH



About The Walt Disney Company (Corporate):

At Disney Corporate you can see how the businesses behind the Company’s powerful brands come together to create the most innovative, far-reaching and admired entertainment company in the world. As a member of a corporate team, you’ll work with world-class leaders driving the strategies that keep The Walt Disney Company at the leading edge of entertainment. See and be seen by other innovative thinkers as you enable the greatest storytellers in the world to create memories for millions of families around the globe.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Disney Worldwide Services, Inc., which is part of a business segment we call The Walt Disney Company (Corporate).

Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or protected veteran status or any other basis prohibited by federal, state or local law. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.

Apply Now

Share this