The Walt Disney Company Compliance Manager in Lake Buena Vista, Florida

The Compliance Manager is a key leader within the Information Security & Compliance team. The primary focus will be to ensure the processes and controls are in place across the Segment to satisfy security, internal control, risk management, external audit, and compliance requirements. This involves managing the team to ensure that daily activities associated with sustaining information security and compliance requirements are met.

Responsibilities :

  • Work closely with business partners, key stakeholders, and internal departments to evaluate current and future Compliance strategies.

  • Execute Compliance strategies, evaluating efforts to ensure the effectiveness and efficiency of the Technology Controls.

  • Contribute significantly in developing an execution plan to implement short and long term goals for the Compliance team.

  • Monitor compliance with information security policies and standards and prepare appropriate documentation for internal and external audits.

  • Coordinate internal/external audits and attestations; ensure required artifacts are delivered timely and with quality, and that deficiencies identified are addressed.

  • Provide oversight of Compliance remediation projects (as requested) ensuring timely completion and validation of completion.

  • Coordinate SOX Technology Control testing for all the Segment applications in scope.

  • Stay informed about Compliance and Cyber Security trends, directions, and technologies. Monitor industry trends and identify best practices and/or methodologies to implement for the business segment.

  • Optimize Compliance tools and processes and introduce scalable solutions across Technology.

  • Contribute and collaborate with other Information Security team members across the broad spectrum of information security programs, such as Threat & Vulnerability Management, Security Response, Information Protection, and Risk.

  • Design, develop, and implement new Compliance controls and processes as necessary to support cloud services.

  • Communicate vertically and horizontally to keep stakeholders informed, including Executive-level communications.

  • May perform other duties and responsibilities necessary to support and protect the business.

Basic Qualifications :

  • A minimum of 10 year’s Information Technology Compliance expertise, with a minimum of 3 years in leading Compliance program for a large and complex organization.

  • CISA certification required.

  • Expert knowledge of security related legislation/regulations with emphasis on Sarbanes-Oxley, PCI, and privacy.

  • Demonstrated experience in identifying compliance risks and development of mitigation plans.

  • Proven experience influencing business and technology leadership to achieve security and compliance requirements.

  • Ability to establish credibility and working relationships with a wide range of personnel, including operations, management, executive, and legal teams as well as external auditors.

  • Solid understanding of project management principles.

  • Demonstrated experience generating metrics to measure service and program effectiveness and consistency.

  • Good organization skills and attention to detail.

  • Demonstrated professional written, verbal, and presentation communications skills.

  • Highly flexible and adaptive; able to multi-thread across a number of simultaneous work efforts.

  • Sharp analytical and problem-solving skills.

  • Ability to solve complex problems and develop creative alternatives, as well as, continuous process improvement skills.

  • Demonstrated ability to handle confidential information.

  • Proven ability to work effectively in a fast-paced environment as part of a high performance team dispersed in multiple locations.

Preferred Qualifications:

  • Ability to be flexible with work schedule and travel requirements.

  • Have a clear understanding of cloud computing services/ deployment architecture.

  • Working knowledge of network and IT security components, including firewalls, intrusion detection systems, anti-malware software, data encryption, server operating systems, and other industry-standard techniques and practices.

  • Knowledge of common web and mobile application vulnerabilities, such as the OWASP Top 10 for web and mobile, and ability to provide solutions.

Required Education :

  • Bachelor's degree in Computer Information Systems or related work experience

Job ID: 649003BR

Location: Lake Buena Vista,Florida

Job Posting Company: Disney Parks & Resorts