Senior Manager Infosec Security Architecture
Job Summary:At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets
- Creation, maintenance, governance and communication of security policies and standards across TWDC
- Assessment and audit of compliance against the security policies and standards
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We look add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.
The Streaming Services organization is a part of the Disney Media, Entertainment, and Distribution segment of The Walt Disney Company. The Streaming Service Information Security team is tasked with ensuring the security of our streaming platforms and products as well as the consumers of our products. In order to support the rapid and massive growth of our steaming business, The Streaming Services Information Security team offers versatile and agile security services to our technology partners that align with the innovative, fast-paced culture of the technology teams we support. The Streaming Services Information Security team, partners with streaming technology stakeholders, Global Information Security colleagues, and cross-functional information security counterparts to protect the wide range of streaming products and the consumers of those products on behalf of the TWDC enterprise.
Responsibilities:Responsibilities of the Streaming Services Infosec Team include:
- Security architecture and design reviews
- Threat modeling
- Automated and manual secure code reviews
- Consumer identity and data protection
- Risk management services
- Control assurance and testing services
- Compliance and policy engagements
- Offensive security services
- Security engineering and tooling
- Partnering with technology teams to ensure proper implementation of security control
- Evaluating security tooling and costs associated with tools
- Third party and partner security engagements
- Compliance; management audit, SOX, PCI
- Documenting internal processes and identifying KPIs to effectively measure program performance.
- Security operations
- Incident Response
Responsibilities of the Role:
The Sr. Manager; Information Security Architecture role will be primarily responsible for leading, defining, and executing the strategy of the Security Architecture domain within the Streaming Services organization. The successful candidate must possess skills to actively engage with techonology teams and maintain strong working relationships with our technology partners. The successful candidate will possess strong technical skills that align with the streaming technology stack as well as a strong ability to effectively manage direct reports, resource allocation and prioritization, budgets, and key performance indicators.
Primary Responsibilities
- Oversee, engage, and execute security architecture and design reviews that are in alignment to a chosen framework.
- Perform threat modeling and threat assessment engagements with technical teams.
- Partner with technical teams to assist in security control design and implementation.
- Produce artifacts and deliverables that inform the enterprise of areas of risk.
- Host regular, standing meetings with technical development teams to discuss technical roadmap items and drive technical security discussion.
- Participate in executive level, strategic planning and roadmap discussions.
- Manage team resources to ensure target dates are met for critical deliverables.
- Develop and maintain key performance indicators to demonstrate performance of Security Architecture program.
Leadership Responsiblities
- Encourage team members to operate and execute in a way that aligns with the core values of the Streaming Services organization.
- Demonstrate an ability to manage ambiguity in a fast-paced, ever-evolving environment and culture.
- Influence executive leaders, infosec team leaders, and direct reports to drive positive change that provides value to the enterprise.
- Support executive leadership by providing data and metrics related to program risks and performance.
Secondary Responsibilities
- Support high-profile events when needed. Ie, new product launches, high profile content premieres.
- Contribute and provide feedback to infosec process improvements.
- Liase with counterparts across the TWDC enterprise to ensure streaming alignment with enterprise strategy.
Basic Qualifications:Work Experience
Skills / Specialized Knowledge/ Competencies
- AWS services and architecture
- Nix based systems
- Containers – AWS Fargate, ECS
- Cisco networking hardware
- Zero-trust environments
- CI/CD pipelines (Jenkins/artifactory/ECR,Terraform)
- Content Delivery Networks
- Programming background in below languages
- Python
- Scala
- Yaml
- GO
Additional:
- Amazon web services
- Program/process management skills
- Executive level communication skills
- Ability to adapt quickly
Preferred Qualifications:
- Preferred qualifications include CISSP, CISM, CISA or equivalent
Required Education
- BA/BS in business or computer science or appropriate work experience
Preferred Education
- Masters or other advanced degree preferred
Additional Information:DISNEYTECH
#lLI-CM1