Sr Security Specialist - Governance
Jetzt bewerben Später bewerben Job ID 10116575 Standort Orlando, Florida, USA Veröffentlichungsdatum 28/03/2025 Unternehmen The Walt Disney Company (Corporate)Job-Zusammenfassung:
Department Description:
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.
The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.
The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:
- Secure the Magic by protecting information systems and platforms.
- Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.
- Strengthen the business through optimizing execution, application, and technology used to protect the Company.
- Innovate by investing in core capabilities to enhance operational efficiency.
Team Description:
The Enterprise Cybersecurity Governance team is responsible for the management of all cybersecurity policy, controls, standards, and guidelines. We ensure segment and business unit awareness of TWDC security requirements, identify patterns in control effectiveness to help mitigate risk, and monitor industry changes and direction and incorporate as appropriate into policy.
The Sr Security Specialist will play a key role in the Enterprise Cybersecurity governance team, driving the development, implementation, and management of governance programs. This role focuses on policy development and management, training and awareness, database development, oversight and leadership, and innovation to enhance governance maturity across the organization.
• Develop, update, and maintain enterprise cybersecurity policies, standards, and controls aligned with frameworks like NIST CSF, ISO 27001, and CIS.
• Partner with technical teams and SMEs to ensure governance initiatives are technically accurate and feasible.
• Facilitate discussions and collaborations with SMEs across infrastructure, cloud, application security, and other technical domains.
• Collaborate with the enterprise risk team to integrate cybersecurity risk into overall risk management strategies
• Develop and track key risk and performance indicators
• Enhance governance processes to ensure compliance with industry standards and regulations.
• Collaborate with teams to map policies and controls to organizational security requirements.
• Provide support for audit and regulatory inquiries related to governance.
• Utilize eGRC platforms (e.g., RSA Archer, ServiceNow, or equivalent) for managing governance processes, tracking compliance, and generating reports.
• Support efforts to integrate policy as code solutions into governance workflows.
• Work closely with technical teams to understand the impact of emerging technologies and incorporate them into governance strategies.
• Communicate governance requirements effectively to both technical and non-technical audiences.
• Provide guidance to teams on adhering to policies and implementing controls.
• Deliver documentation, reporting, and recommendations to stakeholders at all levels.
Must Haves:
• Minimum of 5 years of experience in cybersecurity working with governance, policy development, security engineering and collaboration with technical teams.
• Expertise in cybersecurity technologies and their alignment with governance objectives.
• Proven ability to develop and maintain policies, standards, and controls aligned with industry frameworks.
• Must have hands-on experience with eGRC tools such as RSA Archer, ServiceNow, or equivalent.
• Coding or programming experience (e.g., Python, Java, or scripting languages) to support policy automation and policy as code initiatives.
• Strong collaboration skills, with experience working alongside SMEs to integrate technical and governance requirements.
• Excellent verbal and written communication skills, including policy documentation and stakeholder engagement.
• Must have experience with cloud security frameworks and technologies (e.g., AWS, Azure, GCP).
• Knowledge of regulatory compliance standards such as GDPR, CCPA, and HIPAA.
Nice to Haves:
• Master’s degree in Cybersecurity, Information Assurance, or a related field.
• Industry certifications such as CISSP, CISM, CRISC, CDPSE, or similar.
• Experience implementing policy as code solutions.
Education:
- Bachelor’s degree in, Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
Über The Walt Disney Company (Corporate):
Bei Disney Corporate erleben Sie, wie die Unternehmen hinter den starken Marken des Konzerns gemeinsam das innovativste, weitreichendste und am meisten bewunderte Entertainment-Unternehmen der Welt schaffen. Als Mitglied eines Konzernteams arbeiten Sie mit Weltklasse-Führungskräften zusammen, die mit innovativen Strategien dafür sorgen, dass The Walt Disney Company ihren Spitzenplatz in der Unterhaltungsbranche behält. Mischen Sie sich unter andere innovative Köpfe und helfen Sie den besten Geschichtenerzählern der Welt, unvergessliche Erinnerungen für Millionen von Familien rund um den Globus zu kreieren.
Über The Walt Disney Company:
Die Walt Disney Company ist zusammen mit ihren Tochtergesellschaften und verbundenen Unternehmen ein führendes, diversifiziertes internationales Familienunterhaltungs- und Medienunternehmen mit folgenden Geschäftsbereichen: Disney Entertainment, ESPN sowie Disney Experiences. Von seinen bescheidenen Anfängen als Zeichentrickfilmstudio in den 1920er Jahren bis zu seiner aktuellen Vorreiterrolle in der Unterhaltungsindustrie trägt Disney stolz sein Erbe weiter und bietet Geschichten und Erlebnisse von Weltklasse, die alle Familienmitglieder bezaubern. Disneys Geschichten, Figuren und Abenteuer erreichen Verbraucher und Gäste aus allen Teilen der Welt. Gemeinsam schaffen unsere Mitarbeiter und Darsteller aus Niederlassungen in über 40 Ländern der Welt Unterhaltungserlebnisse, die sowohl auf globaler Ebene als auch im heimischen Umfeld begeistern.
Diese Position ist bei Disney Worldwide Services, Inc., das Teil eines Geschäftssegments ist, das wir The Walt Disney Company (Corporate) nennen.
Disney Worldwide Services, Inc. bietet als Arbeitgeber Chancengleichheit. Die Beurteilung der Möglichkeit der Beschäftigung von Bewerbern erfolgt unabhängig von ethnischer Zugehörigkeit, Religion, Hautfarbe, Geschlecht, sexueller Orientierung, Geschlechtsidentität, Geschlechtsausdruck, nationaler Herkunft, Abstammung, Alter, Familienstand, militärischem Status oder Veteranenstatus, Gesundheitszustand, genetischen Informationen oder einer Behinderung, oder anderer gemäß Bundes-, Landes- oder örtlichem Gesetz verbotener Merkmale. Disney fördert eine Unternehmenskultur, in der Ideen und Entscheidungen aller Personen uns dabei helfen, zu wachsen, innovativ zu sein, die besten Geschichten zu schreiben und in einer sich ständig weiterentwickelnden Welt von Bedeutung zu sein.