At Disney, were storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walts passion was to continuously envision new ways to move audiences around the worlda passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences and were constantly looking for new ways to enhance these exciting experiences. DE&E Tech Compliance & Governance InfoSec team is seeking a Sr. Tech Compliance Specialist who will be an exceptional addition to our team. The InfoSec Technology Compliance & Governance team is primarily responsible for managing compliance and governance for the Technology Organization, including but not limited to the Sarbanes-Oxley (SOX) Section 404 program, PCI, PII, and ISPS. As a Sr. Tech Compliance Specialist, you will assist the Technology Compliance & Governance management team in the ongoing maintenance and support of the Compliance program which includes, but is not limited to, reporting, analysis, control testing, and partnering with various auditors and stakeholders. If you are someone who loves working in a dynamic environment and enjoys understanding, evaluating, and improving IT processes, then this is a great role for you. What You Will Do: Management of GRC workflows around coordination of: Independent audit support for: SOX 404 ITGCs PII PCI ISPS Perform control remediation testing procedures to address issues identified via audit assessments, access control reviews, internal or external audits and/or other assessments. Participate in audit walkthrough meetings to help establish internal testing procedures to gain operational comfort in the design of the Companys automated controls. This includes control self-evaluations of new controls or processes that impact the effectiveness of an existing control Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment Update and handle dataflow diagrams and narratives for all ITGC and application controls on a quarterly basis, including working with the Management on documentation of new scope Work with management and internal audit on maintaining the primary Risk and Control Matrix over the systems material to DMED and Hulu, Disney+, ESPN+ and STAR+ products Ensure for timely management response of audit findings into our corporate SOCD/SAD Partner with leadership to support the PCI-DSS compliance program What You Will Bring 5+ years of IT SOX experience and proven experience in supporting IT audit/compliance functions Knowledge of PCI, PII, ISPS compliance standards Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives Interpersonal skills with the ability to work with teams cross-functionally Strong verbal and written communication skills and ability to effectively communicate to technical and non-technical audiences, including developers and tech operators Detail-oriented but able to understand the big picture. Highly organized and efficient Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments Preferred Qualifications Experience and knowledge of GDPR compliance Experience working with companies that have a heavy microservice architecture Required Education: Bachelors degree in Computer Information Systems, computer science, CPA license, or an equivalent combination of education, training, and years of experience #DISNEYTECH The hiring range for this position in Santa Monica, CA; Glendale, CA; and Burbank, CA is $112,586 to $151,030 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidates geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Sr Technology Compliance Specialist
January 23, 2024January 23, 2024 | | 0 Comment | 12:30 am