Manager for Information Security Compliance at Disney overseeing compliance programs and team operations. Responsible for audit support, systems scoping, and team management in cybersecurity.
Responsibilities
Independent audit support for: SOX 404 ITGCs, PII, PCI, ISPS
Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs.
Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments.
Develop and lead the Control Assurance Programs (ISPS and SOX).
Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding.
Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company’s automated controls.
This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control.
Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment.
Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products)
Ensure timely management response of audit findings into our corporate SOCD/SAD.
Oversee ISPS Management Audit coordination and open action plans.
Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands.
Management of GRC workflows around coordination of certifications and attestations.
Partner with leadership to support the PCI-DSS compliance program.
Develop training materials, coordinate training sessions, and monitor compliance with training requirements.
Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently.
Assign tasks and projects to team members based on priorities, deadlines, and individual strengths.
Provide executive level updates on Compliance programs
Requirements
Minimum of 8 years of related work experience, with 3 in management roles
IT SOX experience and proven experience in supporting IT audit/compliance functions
Experience in managing people
Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives
Interpersonal skills with the ability to work with teams cross-functionally
Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators
Detail-oriented but able to understand the big picture.
Highly organized and efficient
Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and delivering on commitments
Experience with cloud-based services, specifically AWS
Benefits
A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Distinguished Engineer for AI & Product Security at Workday, driving security strategy for AI technologies and cloud-native applications. Leading security architecture and complex reviews across critical products.
Hands-on Security Engineer working across multiple layers for a cloud procurement platform. Ensuring security while developing automated workflows in a global team environment.
Lead Cyber Security Engineer at GE Vernova focusing on cybersecurity for EHV/HV substations. Involved in system protection, risk assessments, and cross-functional collaboration.
Lead Cyber Security Engineer at GE Vernova designing and implementing crucial cybersecurity measures. Involved in developing renewables projects worldwide in a dynamic engineering team.
Information Security Representative/OT Engineer ensuring compliance with ISO standards in OT systems and supporting energy transition. Collaborate in diverse teams for modern, sustainable energy solutions.
Functional Safety Specialist in projects for functional safety within automation technology. Collaborating with clients on safety analyses and documentation while fostering team development in a flexible environment.
Manager of Cybersecurity and Compliance responsible for global cybersecurity and privacy at Hunter Industries. Leading teams, overseeing cybersecurity solutions, and ensuring compliance across the organization.
Security Specialist responsible for security operations at the Hibikinada Offshore Wind Farm. Collaborating with teams to ensure safety and compliance with local regulations.
Director of Partnerships driving revenue growth through podcast advertising and event sponsorships at War on the Rocks. Building and managing a pipeline while collaborating with company leadership.
Senior Information and Cyber Security Officer at Social Security Scotland handling risks and providing advice. Leading the risk management activities and contributing to security initiatives to enhance governance.