Sign up
Sign up
empty
Manager, Information Security Corrective Action
The Walt Disney Company
.svg)
Remote Eligibility
On-site
Domain
Governance, Risk & compliance
State
California
City
Burbank
Job Description
Posted on:
February 24, 2025
Primary NIST Speciality
Oversee and Govern
NIST Sub-speciality
Cybersecurity Management
Seniority
Senior
Salary ($K)
139
-
186
Summary and company overview
Summary Information About the Role and Company Overview
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
Corporate is required to address security control gap issues identified through various assessment programs. A cybersecurity corrective action job involves developing and implementing plans to address security gaps and vulnerabilities. This includes issues identified through internal assessments against corporate policy, vulnerability scanning, penetration testing, and regulatory issues identified through compliance program assessments such as PCI and EU data privacy.
Responsibilities
- Manage reviews of reports, assessments, and findings to identify remediation and/or corrective action needed.
- Manage coordination with IT and business partners to facilitate necessary remediation and corrective action.
- Manage verification of remediation and corrective action activity to ensure it achieves compliance against security standards such as CIS Benchmarks, NIST, and TWDC policies and standards.
- Document and review open items in status reports, including next steps, dependencies, and stakeholders.
- Manage communication of results to stakeholders, including technical and non-technical audiences.
- Provide recommendations to improve security posture.
- Contribute in improving security baselines and standards.
- Stay updated on evolving security guidelines and incorporate them into IT and business practices.
- Stay informed on emerging threats and vulnerabilities.
- Proactively recommend adjustments to mitigate risks.
Job Requirements
Required Qualifications & Skills:
- A minimum of 10 years of related cybersecurity experience
- Demonstrated experience managing corrective action.
- Ability to manage and work well with individuals and teams with varying technical and business backgrounds.
- Deep understanding of security frameworks and standards.
- Significant relationship management skills.
- Analytical thinking and attention to detail.
- Established problem-solving skills with an ability to develop creative alternatives to complex problems, as well as continuous improvement process skills
- Demonstrated ability to handle confidential information.
- Managerial experience in a security program for a large and complex organization.
Required Education:
- Bachelor's degree or equivalent experience in Cyber Security, Computer Science, Management Information Systems, or related field.
Additional commentary
The hiring Range for this position in California is $138,900.00 to $186,200.00 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Summary and company overview
Summary Information About the Role and Company Overview
At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance and protect these exciting experiences.
The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle, Burbank, and Orlando.
Corporate is required to address security control gap issues identified through various assessment programs. A cybersecurity corrective action job involves developing and implementing plans to address security gaps and vulnerabilities. This includes issues identified through internal assessments against corporate policy, vulnerability scanning, penetration testing, and regulatory issues identified through compliance program assessments such as PCI and EU data privacy.
About
The Walt Disney Company
Company Size
Very large (20K+)
Employer type
Enterprise
Company Rating (Glassdoor)
3.9
View Glassdoor
