Senior Security Specialist応募後で応募 Job ID 931359BR 勤務地－都市 ロンドン, イギリス 勤務地－国 Disney Media & Entertainment Distribution 掲載日 May 16, 2022
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
1. Analysis of known and emerging threats to determine risks against TWDC assets
2. Creation, maintenance, governance and communication of security policies and standards across TWDC
3. Assessment and audit of compliance against the security policies and standards
4. Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We are looking to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.
職責／担当・主要業務:This position will involve working closely with technology teams and business units to analyse and mitigate risk in their environments. There will be responsibility in providing security advice and support International TWDC projects to ensure security requirements are met and aligned with Disney Information Security Policies and Standards.
Role will extend to supporting on-boarding and monitoring international infrastructure to ensure assets are protected and visibility is attained. Additionally candidate will review, communicate and manage remediation of existing and newly discovered security findings and vulnerabilities.
- Understanding the International environment, determine risk level and required risk assessments
- Independently prioritise high risk queiries and tasks ensuring they go through a risk assessment
- Document environment risk and provide regular risk reporting on going initiatives
- Perform security reviews when required for high risk impact systems
- Supporting on boarding and monitoring International infrastructure to ensure visibility
- Review, communicate and manage remediation of security findings and vulnerabilities
- Support and manage security aspect of TWDC International projects working closely business units
- Ensure that a risk-based approach to IT security is adopted in every part of the business
- Align best practices with GIS (Global Information Security)
- Assist manager with coordination and reporting incidents
- Support and help manage 3rd party security compliance process with business input
- Work with domestic security to support risk assessments and define security mitigating controls
- Ensure technology architectures and security is in line with privacy requirements i.e GDPR
- Assist in documenting regional risk management processes
- Develop a culture of security awareness and practice throughout TWDC International.
- Through example and behaviour, strive to provide peer leadership to other team members with the goal of being excellent service providers and enablers to other constituencies (both internal and external)
- Experience in Information Technology security.
- Experience in Risk Management, Information Security and Audit & Compliance monitoring.
- Basic understanding of cloud infrastructure engineering / architecture.
- Understanding of security and vulnerability detection tools (e.g., Tenable, Qualys, Crowdstrike, Prisma).
- Working knowledge of information security related best practices and standards such as ISO 2700x, SOC 2, NIST, PCI requirements etc.
- Experience of interpreting and assessing risk based on information from numerous sources to form a reasoned decision.
- Good understanding of cyber and technology security best practices.
- Preferred experience with a large company and/or Big 4 accounting firm.
- Experience working with regulatory compliance frameworks such as GDPR
- Knowledge of conducting risk assessments using best practice risk management methodologies
- One or more credentials - CISA, CISM, CRISC, ISO27001 LA/LI, CCSP, CISSP, Cloud+
Disney Media & Entertainment Distribution について:
Disney Media&Entertainment Distribution (DMED)は、国際的な事業部門とさまざまな消費者向けストリーミングサービスで構成されており、テクノロジー、メディア配信、広告販売を単一の事業セグメントに統括し、世界中の消費者一人ひとりに応じたエンターテインメント体験を創出・配信しています。
The Walt Disney Company について:
The Walt Disney Companyおよびその子会社・関連会社は、メディア・ネットワーク、パーク＆リゾート、スタジオ・エンターテイメント、コンシューマ・プロダクツ、インタラクティブ・メディア事業を扱う、多角化したファミリー向けエンターテイメントとメディアのグローバルカンパニーです。1920年代に小さなアニメーション・スタジオとしてスタートしたディズニーは、今日のエンターテイメント業界において世界中の人々に愛される存在となりました。今後もお客様一人ひとりに最上のストーリーと体験を提供できるような作品作りを継承し、40カ国以上で従業員とキャストメンバーが一丸となり、ディズニーエンターテイメント体験を創出していきます。
このポジションは The Walt Disney Company Ltd. という事業部門の一つである Disney Media & Entertainment Distributionでのお仕事です。