Manager, Studios Cybersecurity Risk and Product Security

ジョブID 10113234 勤務地を選択 グレンデール, カリフォルニア州, アメリカ合衆国 / ニューヨーク, ニューヨーク州, アメリカ合衆国 企業名 The Walt Disney Company (Corporate) 掲載日 Mar. 10, 2025

今すぐ応募

仕事内容:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

Secure the Magic by protecting information systems and platforms.
Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.
Strengthen the business through optimizing execution, application, and technology used to protect the Company.
Innovate by investing in core capabilities to enhance operational efficiency.

We are defenders of the magic, waging an epic battle to safeguard our franchises, protect our people, and ensure the world’s most admired entertainment company is not disrupted by cybersecurity threats. We are partners in protecting Disney’s highly respected portfolio including Marvel Studios, Pixar Animation Studios, Lucasfilm, Disney Live Action Films, Walt Disney Animation Studios, Searchlight Pictures, and 20th Century Studios.

The Studios Cybersecurity team are seeking a Manager, Studios Cybersecurity Risk and Product Security, who will be an exceptional addition to our team. As a Manager, Studios Cybersecurity Risk and Product Security, you will be responsible for identifying, assessing, and mitigating potential security threats by developing and implementing comprehensive security strategies, policies, and procedures, ensuring the protection of sensitive data, systems, and infrastructure. This is a technical role with a focus on Cyber Risk Management and assessment over the technologies we support. This role will work closely with the Studios Cybersecurity team, Content Security, and application developers, engineering partners on key initiatives to meet Risk and Compliance requirements over TWDC Information Security Policies, Content Protection standards, Security Configuration Standards, and applicable regulatory requirements. This role will be partnering with the Cybersecurity service owners, Engineering, Application Developers, infrastructure teams, TWDC Global Information Security, and various Studio partners through control assessments, solutions architect, remediation requirements, risk management, and interfacing with the key stakeholders to mature our overall security posture.

Responsibilities:

Conduct regular risk assessments to identify potential security threats and vulnerabilities across all organizational systems and operations.
Develop, implement, and oversee remediation processes to address issues identified via application assessments, audit assessments, key financial application reviews, access control reviews, internal or external audits and/or other assessments.
Assess the security posture of third-party vendors and manage security risks associated with outsourced services.
Assist in development of monthly Compliance communications in conjunction with end-user training.
Ensure adherence to relevant security regulations, TWDC information security policies, security configuration standards, and compliance standards.
Provide performance reporting related to risk and internal controls effectiveness to key stakeholders.
Influence prioritization to efficiently and effectively reduce or mitigate security risks timely.
Provide support for continuous improvement initiatives to mitigate/manage risks while reducing overall compliance costs.
Partner with functional business areas to analyze and determine the effect to internal control systems for new information technology implementations and proposed process improvement changes.
Develop and maintain a comprehensive plan to monitor remediation and risk mitigation projects and scope changes, prioritization of scope components.
Manage, and mature the risk appetite framework for the organization and associated lines of business.
Be a key partner and contributor to the implementation of enterprise technology and tools, such as a GRC, to support the effective and efficient execution of risk management processes, including automation of processes, where possible.
You will lead and direct teams of professionals with diverse skills and backgrounds by providing constructive on-the-job feedback/coaching.

Experience and Education

8 years of applied work experience in cybersecurity programs, audits, assessments, risk, remediation, or cybersecurity compliance
Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
Relevant security certifications (e.g., CISSP, CISA, CISM)
Deep understanding of cybersecurity principles and best practices
Expertise in risk assessment methodologies and frameworks (e.g., NIST RMF)
Knowledge of security best practices over public cloud such as AWS, Azure and GCP.
Proven ability to analyze and assess complicated application architectures and workflows to identify risk.
Familiarity with identity and access management integrations such as Active Directory, Okta, Auth0, SAML, OIDC).
Knowledge of RESTful web services (client–server application).
Familiarity with CI/CD principals, tools and services.
Experience with one or more programming or scripting languages – i.e PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc
Strong analytical and problem-solving skills
Excellent communication and presentation skills to convey complex security concepts to non-technical audiences
Experience with security tools and technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM)
History of on-time, on-budget delivery of strategic deliverables
Highly organized and efficient. Proven ability to manage multiple projects at a given time

#DISNEYTECH

#LI-AF2

The hiring range for this position in CA is $138,900 to $186,200 per year. The hiring range for this position in NY and WA is $145,400 to $195,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

今すぐ応募

The Walt Disney Company (Corporate)について:

The Walt Disney Companyでは強力なブランドが集結し、最も革新的で、広範囲にわたる影響力と尊敬される企業をグローバルで構築しています。記憶に残るエンターテインメントと体験の裏では、才能ある人材で構成された多種多様なビジネスサポートチームが、ディズニーの比類なきストーリーに生命を吹き込むために尽力しています。

The Walt Disney Company について:

The Walt Disney Companyは、その子会社・関連会社とともに、多様性あふれる国際企業として、Disney Entertainment、ESPN、Disney Experiencesの3事業を柱に、ファミリー向けエンターテインメントとメディアの世界をけん引しています。1920年代に小さなアニメ・スタジオとしてスタートしたDisneyは、今日のエンターテインメント業界において卓越した存在となりました。ディズニーは今後も、子供から大人まで、ご家族のだれもが楽しめる一流の物語や体験を生み出し続けます。Disneyのストーリーやキャラクター、体験は、世界中のあらゆる場所の消費者やお客様に届けられています。当社は40カ国以上で、従業員とキャストメンバーが一丸となり、世界的にも地域的にも歓迎されるエンターテインメント体験を創出しています。

このポジションはDisney Worldwide Services, Inc.という事業部門の一つであるThe Walt Disney Company (Corporate)でのお仕事です。

Disney Worldwide Services, Inc. は機会均等雇用主です。応募者は、人種、宗教、肌の色、性別、性的指向、ジェンダー、性自認、性表現、国籍、家柄、年齢、配偶者の有無、軍役経験の有無やその地位、健康状態、遺伝情報や障がい、または連邦法や州法、地方法で禁止されているその他の法的根拠に関係なく、雇用の検討対象となります。Disneyは、すべての人々のアイデアと決断が、成長、革新、最高のストーリーの創造に役立ち、絶えず進化する世界において、価値ある存在になれるよう支援するビジネス環境を支持します。

求人応募における障害者への配慮

The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, visit the Disney candidate disability accommodations FAQs. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.

技術的な問題がある場合は、「よくあるご質問」をご覧ください。

採用プロセス

あなたのストーリーはどこから始まりますか？

Disney CareersやLife at Disneyブログを探索し、ウォルト・ディズニー・カンパニーで待っている素晴らしい機会について学びましょう。
ストーリーに参加する

探索できるさまざまなブランドやビジネスがあります。自分に合った機会を見つけたら、次のステップとして応募を完了させましょう。
次の章

応募が完了すると、候補者ダッシュボードへのアクセス方法が記載されたメールが届きます。ログインIDを作成し、ダッシュボードを頻繁にチェックして、応募の進捗状況を確認するようにしてください。