Director, Information Security Jobs

Job Summary:

The Director, Information Security is responsible securing the magic and enabling the business operations for Disney Live Action, Walt Disney Animation Studios, Pixar Animation Studios, Marvel Studios, Lucasfilm, 20th Century Studios, and Searchlight Pictures as well as Disney Music Group and Disney Theatrical Group. We are seeking a leader excited to engage our customers, focused on the quality of delivery, and able to prioritize data-driven decisions for managing cybersecurity risks faced by The Walt Disney Company. This role acts as deputy to VP Information Security Officer and is key to aligning security services to meet the unique demands of each unique Studio business. The Director continuously collaborates with Business and Technology stakeholders acting as customer advocate and business enabler and cybersecurity advisor, ensuring that cybersecurity protections are incorporated into the creative process and operational activities. This leader maintains a detailed working knowledge of the Studios business operations, cyber defense posture, communication plans and roadmaps to ensure the continuity of business operations, the protection of intellectual property, and the appropriate handling of regulated data. This is accomplished through the design and delivery of cybersecurity services that support business imperatives and are adapted to the unique risk profile for each Studio.

Responsibilities:

• Discover needs and drive security solutions across one or more of Disney Studios and represent the cybersecurity organization in product strategy and roadmap development.
• Lead customer engagement and interaction with Studios, production staff, Privacy and Legal partners, technology leaders and other stakeholders in the Studios and Enterprise Technology organizations
• Lead through influence, support through solutioning and develop talent through mentoring business and technology teams for services that incorporate secure development practices, vulnerability management, threat visibility and event monitoring, endpoint detection and response, third party risk management, and role specific security training and awareness.
• Develop and a high performing team of Cybersecurity and Compliance professionals.
• Build deep relationships with technology executives and gain influence to drive security risk decisions, initiatives, and influence technical architecture that strengthens security posture reduces the security burden placed on the business.
• Partner and collaborate with Content Security teams to harmonize roadmaps and initiatives ensuring frictionless customer interactions and risk reduction value at each studio label.
• Achieve financial budget commitments, forecast financial targets, and develop cybersecurity metrics needed to influence change and prove success of initiatives and investments.
• Integrate roadmaps and create security plans, design, and implement operation models that ensure excellence in delivery, support, and incident response for all cybersecurity products and services.
• Navigate the business, maintain customer obsessed approach to every interaction. Lead the internal teams to understand stakeholder sentiments and facilitate collaborative solutioning with CS partners and Studio Tech partners.
• Lead, support, and mentor business and technology teams in secure development practices. Ad role-based security training and awareness programs.
• Inform and improve the technical, the process, and team member aspects of application, endpoint, and cloud security by overseeing regular maturity assessments and measurements.

Basic Qualifications:

• Four-year college degree in Cybersecurity, Information Technology, Business, or related work experience. Advanced degree is a plus.
• Good understanding of popular application security standards including OWASP TOP 10 and SANS TOP 25.
• In-depth familiarity with risk methodologies, industry security-related frameworks, such as NIT CSF.NIS 800.53, SOC 2 Trust Principles, and PCI Data Security Standard.
• 10+ years of Cybersecurity and Risk Management experience.
• Continuous learners, passionate about information security and creative problem solving with proven experience leading change in a dynamic environment and ability to build consensus.
• Proven leadership within a complex organization holding a high-profile global brand with demonstrated excellence in client/partner relationship management with Senior Executives.

Preferred Qualifications:

• Demonstrated ability to develop self, others and mentoring of teams.
• Strong technical acumen across cloud providers and security platforms
• Proven financial management experience.
• Demonstrated professional written, verbal, and presentation communications skills.
• Demonstrated inclusive leadership that embraces diversity.
• Certifications in one of more of the following technology and security disciplines e.g., CISSP, CISM, CRISC, C|CISO

The hiring range for this position in California is $180,646 to $ 242,330 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.