M+E Technology Job Board

Sr. Manager, Information Security

  • Full Time
  • Glendale, CA
  • Applications have closed

The Walt Disney Company

At Disney, we‘re storytellers. We make the impossible, possible. We do this through utilizing and developing cutting-edge technology and pushing the envelope to bring stories to life through our movies, products, interactive games, parks and resorts, and media networks. Now is your chance to join our talented team that delivers unparalleled creative content to audiences around the world.

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.

In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:

1. Analysis of known and emerging threats to determine risks against TWDC assets
2. Creation, maintenance, governance and communication of security policies and standards across TWDC
3. Assessment and audit of compliance against the security policies and standards
4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria

We look to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.

The Information Security Officer team provides situational leadership in the protection of TWDC’s information through security assessment, program governance, and security training, awareness, education, and communication.

Engage with cross-functional teams to perform and manage information security assessments (scoping, evidence collection, reporting, process metrics, process improvement, and QA)
Address legal and regulatory requirements of systems falling within a compliance program and monitor compliance with ISPS
Provide security training, awareness, education, and communication
Build and foster strong relationships, and collaborate closely with peers and partner groups in Corporate
Know and evaluate current policies to provide analysis and mitigation
Establish metric based measurement of progress and produce dashboards regularly
Research, learn, and evaluate solutions to address problems, close gaps, and improve functionality and operations

Basic Qualifications

Minimum 10 years in technology organizations with 5-7 years of success leading a security discipline within large organizations
Must have thorough knowledge of information security components, principles, practices, and procedures. Must have thorough knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development
Require one of the following certification: CISSP, CISM, CISA or equivalent

Required Education

BA/BS in business or computer science or bachelors and appropriate work experience

Preferred Education

Masters or other advanced degree preferred