Manager, Studios Cybersecurity Risk and Product Security

1 Week ago • 8 Years + • Cyber Security • $138,900 PA - $195,000 PA

Job Summary

Job Description

The Manager, Studios Cybersecurity Risk and Product Security at Disney is responsible for identifying, assessing, and mitigating security threats across Disney Studios. This involves developing and implementing security strategies, policies, and procedures; conducting risk assessments; managing vendor security; ensuring compliance; and providing performance reporting. The role requires collaboration with various teams, including application developers, engineers, and Global Information Security, to improve the overall security posture. Key responsibilities include risk management, remediation planning, and partnering with stakeholders to implement enterprise technology and tools for efficient risk management processes. The ideal candidate will possess strong technical skills, excellent communication abilities, and experience in cybersecurity programs, risk assessment methodologies, and regulatory compliance.
Must have:
  • 8+ years cybersecurity experience
  • Risk assessment & remediation
  • Compliance & policy adherence
  • Strong communication skills
  • Technical expertise (cloud, IAM)
  • Collaboration & stakeholder management
Good to have:
  • CISSP, CISA, CISM certifications
  • Experience with GRC tools
  • Programming/scripting skills
  • Knowledge of CI/CD principles

Job Details

Job Summary:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

  • Secure the Magic by protecting information systems and platforms.

  • Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.

  • Strengthen the business through optimizing execution, application, and technology used to protect the Company.

  • Innovate by investing in core capabilities to enhance operational efficiency.

 

We are defenders of the magic, waging an epic battle to ­­­­­­safeguard our franchises, protect our people, and ensure the world’s most admired entertainment company is not disrupted by cybersecurity threats.  We are partners in protecting Disney’s highly respected portfolio including Marvel Studios, Pixar Animation Studios, Lucasfilm, Disney Live Action Films, Walt Disney Animation Studios, Searchlight Pictures, and 20th Century Studios.

The Studios Cybersecurity team are seeking a Manager, Studios Cybersecurity Risk and Product Security, who will be an exceptional addition to our team. As a Manager, Studios Cybersecurity Risk and Product Security, you will be responsible for identifying, assessing, and mitigating potential security threats by developing and implementing comprehensive security strategies, policies, and procedures, ensuring the protection of sensitive data, systems, and infrastructure. This is a technical role with a focus on Cyber Risk Management and assessment over the technologies we support. This role will work closely with the Studios Cybersecurity team, Content Security, and application developers, engineering partners on key initiatives to meet Risk and Compliance requirements over TWDC Information Security Policies, Content Protection standards, Security Configuration Standards, and applicable regulatory requirements. This role will be partnering with the Cybersecurity service owners, Engineering, Application Developers, infrastructure teams, TWDC Global Information Security, and various Studio partners through control assessments, solutions architect, remediation requirements, risk management, and interfacing with the key stakeholders to mature our overall security posture.

Responsibilities:

  • Conduct regular risk assessments to identify potential security threats and vulnerabilities across all organizational systems and operations.
  • Develop, implement, and oversee remediation processes to address issues identified via application assessments, audit assessments, key financial application reviews, access control reviews, internal or external audits and/or other assessments.
  • Assess the security posture of third-party vendors and manage security risks associated with outsourced services.
  • Assist in development of monthly Compliance communications in conjunction with end-user training.
  • Ensure adherence to relevant security regulations, TWDC information security policies, security configuration standards, and compliance standards.
  • Provide performance reporting related to risk and internal controls effectiveness to key stakeholders.
  • Influence prioritization to efficiently and effectively reduce or mitigate security risks timely.
  • Provide support for continuous improvement initiatives to mitigate/manage risks while reducing overall compliance costs.
  • Partner with functional business areas to analyze and determine the effect to internal control systems for new information technology implementations and proposed process improvement changes.
  • Develop and maintain a comprehensive plan to monitor remediation and risk mitigation projects and scope changes, prioritization of scope components.
  • Manage, and mature the risk appetite framework for the organization and associated lines of business.
  • Be a key partner and contributor to the implementation of enterprise technology and tools, such as a GRC, to support the effective and efficient execution of risk management processes, including automation of processes, where possible.
  • You will lead and direct teams of professionals with diverse skills and backgrounds by providing constructive on-the-job feedback/coaching.

Experience and Education

  • 8 years of applied work experience in cybersecurity programs, audits, assessments, risk, remediation, or cybersecurity compliance
  • Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
  • Relevant security certifications (e.g., CISSP, CISA, CISM)
  • Deep understanding of cybersecurity principles and best practices
  • Expertise in risk assessment methodologies and frameworks (e.g., NIST RMF)
  • Knowledge of security best practices over public cloud such as AWS, Azure and GCP.
  • Proven ability to analyze and assess complicated application architectures and workflows to identify risk.
  • Familiarity with identity and access management integrations such as Active Directory, Okta, Auth0, SAML, OIDC).
  • Knowledge of RESTful web services (client–server application).
  • Familiarity with CI/CD principals, tools and services.
  • Experience with one or more programming or scripting languages – i.e PowerShell, Python, C#, VB, VBA, Ruby, NodeJS, SQL, etc
  • Strong analytical and problem-solving skills
  • Excellent communication and presentation skills to convey complex security concepts to non-technical audiences
  • Experience with security tools and technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM)
  • History of on-time, on-budget delivery of strategic deliverables
  • Highly organized and efficient. Proven ability to manage multiple projects at a given time

#DISNEYTECH

#LI-AF2


The hiring range for this position in CA is $138,900 to $186,200 per year. The hiring range for this position in NY and WA is $145,400 to $195,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Similar Jobs

ByteDance - Risk Data Analytics Business Partner - E-Commerce - Seattle

ByteDance

Seattle, Washington, United States (On-Site)
4 Months ago
Aristocrat Gaming - Product Owner

Aristocrat Gaming

Skopje, Greater Skopje, North Macedonia (Hybrid)
4 Days ago
PwC - IN_Associate _ Internal Audit _Internal Audit Services_ Advisory_ Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
5 Months ago
PwC - Experienced Associate - Valuation

PwC

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
6 Months ago
PwC - Billing and Collections Specialist (Proby)

PwC

Pasig, Metro Manila, Philippines (On-Site)
5 Months ago
ByteDance - Full-Stack Software Engineer - Security Operation Center

ByteDance

San Jose, California, United States (On-Site)
5 Months ago
CloudLinux - Senior Python Developer with Security Expertise

CloudLinux

Sofia City Province, Bulgaria (Remote)
5 Days ago
Rackspace Technology - Security Engineer – Level II (Threat & Vulnerability Management)

Rackspace Technology

Gurugram, Haryana, India (Remote)
5 Days ago
Tencent - Senior Client-Side Security Engineer

Tencent

Shenzhen, Guangdong Province, China (On-Site)
3 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

ION - Senior Consultant - Risk Advisory, Italy

ION

Pisa, Tuscany, Italy (On-Site)
5 Months ago
Epic Games - Third Party Risk Management Analyst

Epic Games

Cary, North Carolina, United States (On-Site)
1 Week ago
The Walt Disney Company - Quality Assurance Analyst, Consumer Products

The Walt Disney Company

Ho Chi Minh City, Ho Chi Minh City, Vietnam (On-Site)
4 Months ago
PwC - Associate, Credit Risk/Market Risk - Financial Services Risk Advisory

PwC

Mumbai, Maharashtra, India (On-Site)
2 Months ago
PwC - Senior Associate - Credit Control

PwC

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
5 Months ago
ByteDance - Internal Auditor - Global Payments

ByteDance

Singapore (Hybrid)
1 Week ago
Razer - Associate Manager, Risk Management

Razer

Kuala Lumpur, Federal Territory Of Kuala Lumpur, Malaysia (On-Site)
5 Months ago
Social Discovery Ventures - VP of Finance

Social Discovery Ventures

Latvia (Remote)
6 Months ago
Rackspace Technology - PMO Technical Program Director

Rackspace Technology

(Remote)
1 Month ago
Zoox - Senior Safety Research Engineer, Human Factors Modeling

Zoox

Foster City, California, United States (Hybrid)
5 Months ago

Get notifed when new similar jobs are uploaded

Jobs in New York, New York, United States

The Walt Disney Company - Lead Software Engineer

The Walt Disney Company

Bristol, Connecticut, United States (On-Site)
1 Week ago
ByteDance - Tech Lead Manager - Global E-Commerce Supply Chain

ByteDance

San Jose, California, United States (On-Site)
5 Months ago
The Pokemon Company International - Business Process Analyst

The Pokemon Company International

Redmond, Washington, United States (Hybrid)
3 Weeks ago
Alphasense - Enterprise Account Executive, Corporate

Alphasense

Remote, Oregon, United States (Remote)
4 Months ago
Sphere Entertainment Co - Guest Services Call Center Operator (Part-Time)

Sphere Entertainment Co

Las Vegas, Nevada, United States (On-Site)
1 Week ago
Tencent - Data Science Intern

Tencent

Palo Alto, California, United States (On-Site)
1 Month ago
Somewear Labs - Android Engineer

Somewear Labs

United States (Remote)
7 Months ago
Netflix - Technology Product Manager - TV Platform and Device Technologies

Netflix

Los Gatos, California, United States (On-Site)
5 Months ago
PlayStation Global - Staff HRIS Analyst-Recruiting and HCM

PlayStation Global

Carlsbad, California, United States (On-Site)
6 Days ago
Google - Software Engineer, PhD, Early Career, Campus, Embedded Systems and Firmware, 2025 start

Google

Mountain View, California, United States (On-Site)
4 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

ByteDance - Security Engineer, Security Assurance

ByteDance

Singapore (On-Site)
1 Week ago
ByteDance - Software Engineer, Global Payment Privacy & Security

ByteDance

Seattle, Washington, United States (On-Site)
1 Week ago
ByteDance - Head of Cloud Security Product Manager, APAC

ByteDance

Singapore (On-Site)
1 Week ago
Trend Micro - Embedded Software Engineer (C/C++)

Trend Micro

Manila, Metro Manila, Philippines (On-Site)
16 Years ago
The Walt Disney Company - Staff Security Specialist, Information Security - Lead Security Solution Architect

The Walt Disney Company

Orlando, Florida, United States (On-Site)
1 Week ago
ByteDance - Senior Security Software Architect, Security Engineering

ByteDance

Singapore (On-Site)
4 Months ago
Fluence - Cybersecurity Engineer (m/f/d)

Fluence

Erlangen, Bavaria, Germany (Hybrid)
5 Months ago
Canva - Security Engineering Director - Detection & Response - Remote across ANZ

Canva

Wellington, Wellington, New Zealand (Remote)
4 Months ago
Applike - IT Security Manager (f/m/d)

Applike

Hamburg, Hamburg, Germany (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

About The Company

From classic animated features and exhilarating theme park attractions to cutting edge sports coverage, and the hottest shows on television, The Walt Disney Company has been making magic since 1923, creating unforgettable stories that connect with audiences around the world. And we’re just getting started!

The key to our success…. The Cast, Crew, Imagineers and Employees who honor Disney’s rich legacy by stretching the bounds of imagination to create the never-before-seen, bringing unparalleled entertainment experiences to people of all ages. Begin a career that delivers unparalleled creative content and experiences to audiences around the world and just imagine the stories you could be part of…

What is #LifeAtDisney like? It’s a series of magical moments with cast members and employees developing and telling our stories in the most innovative ways. Whether it’s a day spent as a Disney VoluntEAR, or celebrating the release of a new interactive experience, retail product or movie, our days are filled with the knowledge that we are creating entertainment experiences the whole family can enjoy. Follow @DisneyCareers on Facebook, Twitter and Instagram for a peek behind-the-curtain, and discover how you could connect to a world of stories with Disney!

Anaheim, California, United States (On-Site)

Lake Buena Vista, Florida, United States (On-Site)

Hong Kong (On-Site)

Papenburg, Lower Saxony, Germany (On-Site)

Hong Kong (On-Site)

Île-de-France, France (On-Site)

Île-de-France, France (On-Site)

Île-de-France, France (On-Site)

Île-de-France, France (On-Site)

Île-de-France, France (On-Site)

View All Jobs

Get notified when new jobs are added by The Walt Disney Company

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug