Job Details

ID #43309687
State California
City Burbank
Job type Permanent
Salary USD TBD TBD
Source The Walt Disney Company
Showed 2022-06-19
Date 2022-06-18
Deadline 2022-08-17
Category Et cetera

Manager, Enterprise IT Compliance Programs

California, Burbank, 91501 Burbank USA

Vacancy expired!

The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney's information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Burbank, CA; Seattle, WA; and Orlando, FL.

To ensure that our services keep The Walt Disney Company (TWDC) secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:

1. Analysis of known and emerging threats to determine risks against TWDC assets
2. Creation, maintenance, governance and communication of security policies/standards across TWDC
3. Assessment and audit of compliance against the security policies and standards
4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria

Information Security (IS) Governance, Risk Management, & Compliance provide organizational structure, processes, and oversight to ensure policies, standards, and management practices meet information security objectives. IS Compliance runs ongoing security programs to evaluate the health of TWDC's control environment. These programs include external audits, internal control validation, third party assessments, and ongoing consulting.

The Manager, Enterprise IT Compliance Programs role is critical to ensuring TWDC meets all compliance requirements across a complex and diverse payment environment. Candidates must have a strong understanding of payment processing fundamentals and related Payment Card Industry (PCI) technology controls. Experience with these processes and controls in the context of an audit or assessment is preferred.

The department develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Reviews and enhances network systems and processes for compliance with external regulations and internal standards. Proactively identifies non-conforming areas and assesses risk. Recommends and implements compliance measures. Provides leadership on compliance issues to solve challenging security compliance problems. Ensures documentation and reporting in support of analysis. Stays current on evolving legislative / regulatory changes related to security compliance.

Responsibilities: The Manager, Enterprise IT Compliance Programs is primarily responsible for overseeing internal and external assessment activities including TWDC's annual PCI audit. The role includes analyzing and interpreting current control requirements, facilitating and overseeing assessment activities, sustaining stakeholder relationships, determining assessment scoping and requirements, problem solving, and providing consulting services. The role also includes the development of new assessment processes to address platforms/systems presenting risk to TWDC.

Key accountabilities include:
  • Candidates must have a strong understanding of payment processing fundamentals and related Payment Card Industry (PCI) technology controls. Experience with these processes and controls in the context of an audit or assessment is preferred.
  • Determining assessment scope and monitoring segment performance during assessment.
  • Validating scoping and key controls for business units performing self-assessment.
  • Reporting assessment status, reporting control findings, and identifying risk indicators.
  • Executing projects to improve visibility to PCI control operating effectiveness.
  • Serving as a key PCI compliance advocate across the enterprise.
  • Sustaining and improving TWDC's ability to articulate scope, requirements, and accountabilities to achieve PCI compliance, annually.
  • Signatory validation and integration with TWDC Legal.
  • Merchant account identification and integration with TWDC ECP (Enterprise Consumer Payments).
  • Sustaining stakeholder relationships (e.g., business unit, technology organization, information security).
  • Developing control assessment processes that reduce risk and improve efficiency.
  • Managing program administration (e.g., budget, forecasts, vendor invoicing).

Basic Qualifications:
  • SME PCI DSS - Subject matter expertise in the Payment Card Industry Data Security Standard (PCI DSS)
  • 5 years in an Information Security Leadership role accountable for staff members.
  • 2 to 3 years in an Information Security Compliance and/or Control Assessment role that would include developing and implementing control assessment processes.
  • Working knowledge of the most common Information Security controls
  • Ability to analyze and interpret information and communicate effectively to all levels of leadership

Preferred Qualifications:
  • Enterprise project/assessment management experience
  • International experience
  • Merger/acquisition experience

Required Education:
  • B.S. in a related field and/or equivalent professional experience
  • Information Security Certification such as CISSP, PCIP, CISA, etc. preferred
