Job Information
The Walt Disney Company Security Specialist, Corrective Action in Orlando, Florida
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
Disney Experiences is required to address security control gap issues identified through various assessment programs. A cybersecurity corrective action job involves developing and implementing plans to address security gaps and vulnerabilities. This includes issues identified through internal assessments against corporate policy, vulnerability scanning, penetration testing, and regulatory issues identified through compliance program assessments such as PCI and EU data privacy.
This role is responsible for facilitating remediation and corrective action activities with IT and business partners. This role involves communication, collaboration, negotiation, and holding partners accountable. This role collaborates with multiple teams to coordinate the implementation of security improvements that mitigate risks and enhance the organization's overall security posture.
Develops and evaluates compliance with programs and processes to mitigate cybersecurity risk and ensure protection of company and allied assets and information. Reviews and enhances network systems and processes for compliance with external regulations and internal standards. Proactively identifies non-conforming areas and assesses risk. Recommends and implements compliance measures. Provides leadership on compliance issues to solve challenging security compliance problems. Ensures documentation and reporting in support of analysis. Stays current on evolving legislative / regulatory changes related to security compliance.
What You'll Do
Review reports, assessments, and findings to identify remediation and/or corrective action needed.
Coordinate with IT and business partners to facilitate necessary remediation and corrective action.
Verify remediation and corrective action activity achieves compliance against security standards such as CIS Benchmarks, NIST, and TWDC policies and standards.
Document open items in status reports, including next steps, dependencies, and stakeholders.
Communicate results to stakeholders, including technical and non-technical audiences.
Provide recommendations to improve security posture.
Assist in improving security baselines and standards.
Stay updated on evolving security guidelines and incorporate them into IT and business practices.
Stay informed on emerging threats and vulnerabilities.
Proactively recommend adjustments to mitigate risks.
Required Qualifications & Skills
3+ years of related cybersecurity experience
Demonstrated experience facilitating corrective action.
Ability to work well with individuals and teams with varying technical and business backgrounds.
Understanding of security frameworks and standards.
Analytical thinking and attention to detail.
Established problem-solving skills with an ability to develop creative alternatives to complex problems, as well as continuous improvement process skills
Demonstrated ability to handle confidential information.
Experience with IT security venerability programs (specifically Archer) within a large and complex organization.
Required Education
- Bachelor’s degree and/or equivalent work experience
Preferred Education:
One or more general security certifications including PCNSE, Security+, CySA+, CCNA Cyber Ops, AWS, GSEC, GICSP, CISSP, or other relevant certifications
One or more vulnerability assessment or auditing certification including CISSA, CISM, GCCC, GSNA or other relevant certifications
Job ID: 10112166
Location: Orlando,Florida
Job Posting Company: The Walt Disney Company (Corporate)
The Walt Disney Company and its Affiliated Companies are Equal Employment Opportunity employers and welcome all job seekers including individuals with disabilities and veterans with disabilities. If you have a disability and believe you need a reasonable accommodation in order to search for a job opening or apply for a position, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries or correspondence. We will only respond to those requests that are related to the accessibility of the online application system due to a disability.
The Walt Disney Company
-
- The Walt Disney Company Jobs