Analista Pleno de Conscientização em Segurança da Informação at Riachuelo developing and executing training initiatives. Collaborating with various departments to improve awareness on information security.
TC
Hybrid Manager, Information Security Compliance
Posted last month
About the role
- Manager for Information Security Compliance at Disney overseeing compliance programs and team operations. Responsible for audit support, systems scoping, and team management in cybersecurity.
Responsibilities
- Independent audit support for: SOX 404 ITGCs PII PCI ISPS
- Collaborate with Enterprise Controls and Compliance (ECC) to scope systems and respective ITGCs.
- Perform control health checks and remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments.
- Develop and lead the Control Assurance Programs (ISPS and SOX).
- Lead Audit Readiness efforts to ensure proper system scoping and respective ITGCs, control validations and timely program onboarding.
- Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Company’s automated controls.
- This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control.
- Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment.
- Work with management and internal audit on maintaining the master Risk and Control Matrix over the systems material to Disney Entertainment and ESPN (Broadcast TV and Streaming - Hulu, Disney+, ESPN+, STAR+ products)
- Ensure for timely management response of audit findings into our corporate SOCD/SAD.
- Oversee ISPS Management Audit coordination and open action plans.
- Provide consultancy to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands.
- Management of GRC workflows around coordination of certifications and attestations.
- Partner with leadership to support the PCI-DSS compliance program.
- Develop training materials, coordinate training sessions, and monitor compliance with training requirements.
- Oversee and manage a team of compliance analysts, ensuring day-to-day operations run smoothly and efficiently.
- Assign tasks and projects to team members based on priorities, deadlines, and individual strengths.
- Provide executive level updates on Compliance programs
Requirements
- Minimum of 8 years of related work experience, with 3 in management roles
- IT SOX experience and proven experience in supporting IT audit/compliance functions
- Experience in managing people
- Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives
- Interpersonal skills with the ability to work with teams cross-functionally
- Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators
- Detail-oriented but able to understand the big picture.
- Highly organized and efficient
- Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments
- Experience with cloud-based services, specifically AWS
Benefits
- A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Engineer responsible for defining security architecture for systems and applications in the technology area. Collaborating with multiple teams for risk mitigation and compliance.
Leading Security Governance & Assurance team focused on information security management systems at Xecuro GmbH. Collaborating with team on regulatory compliance and development opportunities.
Employment Security Representative providing job placement assistance and career counseling for Broward County residents. Supporting workforce development through training and employment opportunities.
Security Architect Engineer at S&P Global designing and maintaining cybersecurity architecture. Leading security initiatives and architecture reviews for enterprise security strategies.
Senior Cyber Security Engineer at WIIT enhancing cyber security for clients and internal operations. Analyzing incidents, implementing advanced technologies, and collaborating on security strategies in Milan.
Senior Consultant specializing in Cyber Security joining Wavestone, supporting clients on IT security and operations centers.
ISSO, Staff providing technical and programmatic Information Assurance Services supporting the US Space Force LAN Integration Team at Peterson Space Force Base, CO. Responsibilities include development of security requirements, vulnerability assessments, and incident investigations.
Pre - Sales Security Engineer at Netpoleon, collaborating with teams to empower partners with cybersecurity solutions. Delivering technical consultations and designing innovative strategies for business growth.
Cyber Security Administrator at Centorrino Technologies focusing on SOAR methodologies and incident response efficiency. Collaborating with teams to implement secure hybrid solutions in Australia.