Manager, Information Security and Compliance

Job ID 10079817 Location Lantau Island, Hong Kong Business Hong Kong Disneyland Resort Date posted Mar. 26, 2024

Apply Now

ENJOY THE MAGIC

Because our employees and cast members are at the heart of everything we do, Disney offers a competitive total rewards package that includes pay, health and savings benefits, time-off programs, educational opportunities and more.

*Benefits and eligibility may vary by business and location

HEALTH INSURANCE & WELLBEING
CHILDCARE OPTIONS
PAID TIME OFF
RETIREMENT PROGRAMS
TUITION ASSISTANCE
WEEKLY PAY

View All

"I didn't think it was possible that something I did for fun - telling sports stories through stats - could become my job until I came here."

Ana, Sr. Researcher, ESPN

Job Summary:

HKDL Information Security and Compliance Team is part of the line of business (LOB) Technology, Digital and Data (T&D). The team provides services to protect the value and use of Disney’s information through collaboration, standardization and enforcement across HKDL T&D.

This role will be leading and driving the information security and compliance team in

delivering cyber security assurance and best practices oversight for HKDL T&D portfolio of products, platforms and services ecosystems, across complex multi-cloud, multi-partner environments.
working closely with global partners, internal T&D teams, other LOBs and external vendors
providing information security related advisory in accordance with corporate and segment standards, industry practices and external regulations.

Key Responsibilities

Leadership

Supervise and lead the information security and compliance team with a diverse of specialists and external vendors in

Planning and ensuring information security assessments are conducted on HKDL T&D applications according to corporate standards
fostering a sense of teamwork and collaboration while driving effective dialogue, spirit of continuous improvement, and team-oriented decision making
driving team to manage security risk metrics and end to end remediation
facilitating the internal or external audits, penetration testing, and red team activities relating to HKDL T&D
participating in information security incident response team to handle information security incidents, work closely with segment counterpart in conducting investigations, and prepare incident reports

Partnership

Engage with different internal and external stakeholders to craft successful strategies, with lots of partnership opportunities from local, global and external

Ensure effective communication with other T&D sub-teams and with other partners
Act as the focal contact point with US partners about information security and compliance in T&D
Best practices sharing and learnings with other sites, and working side-by-side with the global information security team
Collaborate with teams to establish appropriate measures to reduce the risk of both accidental and malicious data disclosure
Interactions with vendors to understand the new solutions in the marketplace and propose to management if needed

Result Driven

Act as the security architect and participate in architecture reviews to provide advisory and recommendation on information security related matters

Provide value added input/ consultancy to the business partners and internal teams in security architecture and driving security by design
Provide advice, recommendation and good practice in information security and compliance
In partnership with application teams and other stakeholders, define and support the implementation of appropriate remediation plans to address identified gaps
Support the closure of key cyber security threats and vulnerabilities (e.g. zero-day vulnerabilities or during the Project Development Lifecycle)

Project management

Lead and drive cross-team information security programs

Maintain existing local managed privileged access management solution and develop a roadmap for additional capabilities
Identify, propose and oversee the implementation of cross-team information security related program
Providing leadership around any large-scale security & compliance projects created to execute remediation for any significant gaps identified, which may include the involvement of cross-functional teams

Business Savvy

Capable to position and drive security initiatives as a business enabler
Be the change champion and drive the others toward commitment to security
Able to define, formulate and implement security strategy and potential roadmap
Design and define security framework and architecture

Job Requirements

Bachelor’s Degree or above in Computer Science, Technology, Engineering, Information/ Cyber Security, or relevant disciplines
Minimum of 10 years working experience in information/ cyber security, IT audit/ governance/ compliance, technology risk management, or equivalent
Holder of at least one industry recognized certification in information security (CISSP, CISA, CISM, or equivalent.)
Prior experience in leading a team with solid understanding in information security and compliance related processes
Possess knowledge of cyber security principles, information security risk managements, information/ cybersecurity controls and reviews to ensure adequate controls and adherence to company’s information security policies and standards
Solid working experience in adopting security related framework/standards, such as PCI-DSS, Sarbanes Oxley (SOX), PDPO, GDPR, MITRE ATT&CK, etc.
Good knowledge in control related best practices e.g. NIST, ISO 27001, SSAE21, COBIT, ITIL, etc.
Knowledge of secure coding best practices, source code review, and internet threat vectors such as the OWASP top 10
Excellent written and verbal communication skills in English and Chinese, with the ability to communicate technical topics to management and non-technical audiences
Strong collaboration and interpersonal skills
Strong problem solving, decision making, and analytical skills
Attention to details, self-motivated and a good team player

HKProfessional #LI-AI1

Apply Now

About Hong Kong Disneyland Resort:

Hong Kong Disneyland Resort offers unforgettable, culturally distinctive Disney experiences for guests of all ages and backgrounds. Filled with your favorite Disney stories and characters, Hong Kong Disneyland Resort offers guests the opportunity to explore eight diverse lands that are home to award-winning, one-of-a-kind attractions and entertainment. Complete your adventure with stays at the resort’s luxurious Disney hotels. The magic doesn’t end at our doorstep; as a dedicated member of the local community that cares deeply about societal wellbeing, Hong Kong Disneyland Resort spreads its magic through community service programs that help families in need, boost creativity among children and families, encourage the protection of the environment and inspire healthier living.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with HK International Theme Parks Limited, which is part of a business we call Hong Kong Disneyland Resort.

DISABILITY ACCOMMODATION FOR EMPLOYMENT APPLICATIONS

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email HKDL.Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

Having technical issues? View the FAQs for help.

Hiring Process

Where Does Your Story Begin?

Explore Disney Careers and the Life at Disney blog to learn about all the amazing opportunities waiting to be discovered at The Walt Disney Company.
Be Part of the Story

There are many different brands and businesses to explore. Once you've found the opportunity that is right for you, take the next step by completing your application.
The Next Chapter

Once you've applied, you will receive an email allowing you to access your candidate dashboard. Create your login and make sure to check your dashboard often to see your application progress.

Explore this Location APAC

For over 70 years, The Walt Disney Company has been entertaining consumers in Asia Pacific – and enriching people’s lives. Today’s consumer can discover new branded experiences in many ways and in many markets across the APAC region.