Manager, Information Security Operations

Job Description

At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.
The Manager, Information Security Operations reports into the Senior Manager of Studio Security Operations at The Walt Disney Studios based in Burbank and is responsible for managing a portfolio of projects and operational activities in support of various Studio Content Protection initiatives.
Responsibilities :

• Develop and maintain a centralized security operations program across all Studio Business Areas in alignment with Global Information Security
• Driving remediation by working with system and application owners on security or compliance issues
• Ensure Management Audit findings are addressed and remediated in a timely fashion
• Ensure Risks are documented and managed in the Risk Register and RSAM as appropriate
• Ensure issues discovered are remediated based upon agreed timeframes
• Establish and build relationships with all Studio technical teams on system configurations
• Responsible for monthly reporting of security posture to all key stakeholders
• Drive the Vulnerability Management program within TWDS and consult in other Studio business areas
• Participate in the strategic planning of Enterprise wide Regulatory programs to better meet the security requirements
• Build and maintain relationships with all Studio technical teams and key operational contacts. These relationships must be utilized to collect information relating to the effectiveness of compliance programs, enhance existing programs, where applicable, and assist in the creation of new programs if none exist.
• Ensure that all Studio Security Operations projects are managed and delivered within a predetermined and agreed timeline, scope and budget
• Implement and maintain a centralized reporting process for all security activities and projects, and provide comprehensive status to inform Studio Leadership
• Ensure proper tools are installed on all Studio systems
• Ensure all systems are configured to ISPS specifications
• Maintain RSAM exception process ensuring all agreed up timelines have been met
• Ensure all risks are entered into Risk Register with remediation plans documented and completed based upon agreed timeframes
• Acquires appropriate level of ongoing training in order to stay abreast of risk landscape and emerging technologies to effectively participate in the identification and response to known threats and vulnerabilities
• Maintain overall knowledge of current Regulatory Interest Groups as they pertain to existing IT assets and processes as well as emerging technologies to provide the necessary information when needed
• 5-10% travel required as the need arises

Basic Qualifications :

• Expertise in Regulatory Compliance requirements, specifically PCI DSS3.0, GDPR, SOC1/SOC2 audits
• Expertise in multiple Operating Systems (Linux, Unix, Windows Server/Workstation, Mac OS)
• Skilled in all security domains
• At least five years’ experience Systems Engineering/Administration
• Working knowledge of networking
• Ability to adapt to new technologies and trends
• Track record of delivering projects in scope, on time, and on budget
• Solid business acumen
• Media & Entertainment Industry experience is a plus
• Strong interpersonal and communication skills
• Effectively communicate across all levels of the organization
• Pro-active and possess a hands-on, collaborative working style
• Rapidly assimilate and summarize information from disparate sources
• Strong analytical skills
• Action oriented with high standard for quality and performance
• Excellent orientation to both the details and the bigger picture
• Ability to pay close attention to detail and understand written and verbal instructions
• Ability to organize and schedule work effectively
• Ability to work well under time constraints
• Ability to handle multiple tasks
• Articulate
• Autonomous

Preferred Qualifications:

• CISSP certification is a plus

Required Education :

• Systems Engineering/Administration, Business degree or equivalent experience required