The Sr.
Manager, Content & Information Security reports into the Director of Content & Information Security atThe Walt Disney Studios based in Glendale, CA and is responsible for security governance and risk management activities in support of Studio Content & Information Security services.
This role will be occupied by an individual with a strong a technical background in implementing risk driven information security frameworks, this resource will also have an in-depth understanding of information and security technologies.
Responsibilities:* Refine governance and risk management strategy for various Content & Information Security programs (site, application and cloud security)* Further refine the organization?s risk management strategy through deployment of risk identification, scoring and treatment methodologies* Working with work stream leads, serve as a Subject Matter Expert providing guidance for development of security best practices * Provide technical solutions to internal and external business units with an emphasis around secure network architecture and hardening best practices* Socialize programs internally, including the development of executive-level presentations, and externally with key partners* Apply current knowledge of IT trends and systems processes to identify security and risk management issues and opportunities for improvement* Evaluate and recommend new and emerging security products and technologies* Willingness to travel up to 25% domestically and internationallyBasic Qualifications:* 10+ years managing risk management functions for large-multinational corporations* 7+ years of experience in information security and/or the following areas: security architecture, security engineering, system and network security, authentication and protocols, cryptography, and application security* Broad technical skills in conducting technical security assessment against established security frameworks (e.G., ISO 17799/27002, PCI, MPAA)* Ability to work in a highly distributed matrixed environment* Certifications in one or more of the following required CISSP, CISM, CISA, CEH, ITIL* Broad technology expertise with application, cloud, system integration, data, and/or infrastructure deployments or assessments* Experience or understanding of the following:* Configuring and maintaining firewalls and network switching / routing devices (e.G., Palo Alto, Sonicwall, Fortinet, Brocade, Cisco, HP)* Network architecture and layer 2 and Layer 3 routing principles* Vulnerability scanning, SIEM and common methods of exploiting vulnerabilities* Endpoint protection and Data Loss Prevention solutions* Secure configuration of Linux, Windows, and Mac based servers and endpoints* LAN, WAN, TCP/IP connectivity and security protocols (Point-to-Point, MPLS, VPN)* Wireless authentication standards (802.1x)* Directory Services (e.G., Active Directory, Open Directory, LDAP)* Storage solutions (e.G., SAN, NAS, encrypted storage mechanisms)* Digital transfer tools (e.G., Aspera, Signiant)* OS hardening best practices for both servers and workstations* Computer investigation processes and techniques* General cloud security best practicesPreferred Qualifications:Experience in the following would be beneficial:* Knowledge of studio IT systems, including production and post-productions environments* Thorough knowledge of feature film production and post-production industries, services, and workflows (e.G., DI, editing, visual/audio effects, encoding, on-set support)* Experience evaluating physical and digital security protocols at facilitiesRequired EducationBachelor’s degree in Computer Science, Information Systems, IT Engineering, or a related field