Manager, Information Security Compliance at The Walt Disney Company

Glendale, California, United States

Apply Now

Not SpecifiedCompensation

Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level

Full TimeJob Type

UnknownVisa

Entertainment, Media, TechnologyIndustries

Requirements

Experience supporting independent audits for SOX 404 ITGCs, PII, PCI, and ISPS
Ability to collaborate with Enterprise Controls and Compliance (ECC) to scope systems and ITGCs
Proficiency in performing control health checks and remediation testing procedures
Knowledge of developing and leading Control Assurance Programs (ISPS and SOX)
Expertise in leading Audit Readiness efforts, including system scoping, ITGCs, control validations, and program onboarding
Capability to participate in audit walkthrough meetings and establish internal testing procedures for automated controls
Skills in control self-evaluations for new controls or processes impacting existing controls
Competence in performing impact analysis and risk assessments on deficiency findings
Experience working with management and internal audit to maintain the master Risk and Control Matrix for systems material to Disney Entertainment and ESPN
Ability to ensure timely management responses to audit findings in corporate SOCD/SAD
Proficiency in overseeing ISPS Management Audit coordination and open action plans
Consultancy skills for Development leads

Responsibilities

Provide independent audit support for SOX 404 ITGCs, PII, PCI, and ISPS
Collaborate with ECC to scope systems and respective ITGCs
Perform control health checks and remediation testing procedures for issues from audits, access reviews, or assessments
Develop and lead the Control Assurance Programs for ISPS and SOX
Lead Audit Readiness efforts, ensuring proper system scoping, ITGCs, control validations, and timely program onboarding
Participate in audit walkthrough meetings to establish internal testing procedures and gain operational comfort in automated controls design, including control self-evaluations
Perform impact analysis and risk assessment on deficiency findings and related documentation
Work with management and internal audit to maintain the master Risk and Control Matrix for Disney Entertainment and ESPN systems (Broadcast TV and Streaming products)
Ensure timely management response of audit findings into corporate SOCD/SAD
Oversee ISPS Management Audit coordination and open action plans
Provide consultancy to Development leads

Skills

Key technologies and capabilities for this role

Information SecurityComplianceCybersecurityRisk AssessmentThreat DetectionCyber Threat ResponseSecurity Program Management

Questions & Answers

Common questions about this position

What are the main responsibilities of this role?

The role involves providing independent audit support for SOX 404 ITGCs, PII, PCI, and ISPS, collaborating with Enterprise Controls and Compliance to scope systems and ITGCs, performing control health checks and remediation testing, and developing and leading related processes.

What is the salary range for this position?

This information is not specified in the job description.

Is this a remote position or does it require office work?

This information is not specified in the job description.

What is the company culture like at Disney's Global Information Security team?

The GIS organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats, with objectives to protect information systems, reduce risk, strengthen the business, and innovate for operational efficiency.

What experience makes a strong candidate for this role?

Strong candidates will have expertise in independent audit support for SOX 404 ITGCs, PII, PCI, and ISPS, experience collaborating on system scoping and control health checks, and skills in remediation testing from audits and assessments.