Director - Information Security Officer

Job ID 454081BR
At Disney ABC/Television Group, you?ll help us tell stories that touch millions of people around the globe and new ways for us to connect with the world. Now is your opportunity to unleash your skills?.
Under the general direction of the CIO, the DATG Information Security Officer (ISO) will lead a team of security & technology professionals to develop and deliver a comprehensive and strategic information security, privacy and technology risk management Program for the Disney-ABC Television Group (DATG). The ISO will establish segment wide security policy and standards on behalf of DATG networks, systems, applications, information, data, intellectual property and content in digital, print and other formats. The ISO will serve as a strategic adviser to the CIO and other senior executives across DATG to ensure an effective information security culture to manage the impact of internal and external threats to DATG. The Program will advocate and champion initiatives to ensure systems, information and content are handled in accordance with their intended purpose across the media lifecycle. In addition, the ISO will set standards by which all 3rd parties and content licensors must adhere to, as well as enforce internal compliance with statutory and regulatory information security requirements. The ISO will partner with The Walt Disney Company Global Information Security (GIS) & Technology Risk Management organizations along with the Walt Disney Studios Content Protection teams and TWDC Global Security to ensure the aforementioned Program is coordinated, aligned and adheres to TWDC standards.
Responsibilities
Security Program Governance

? Establish and maintain a security Program that fosters appropriate, demonstrable, and coordinated information security standards, policies and procedures.
? Ensure internal information security standards and the use of third parties adhere to TWDC Information Security Policies & Standards, Industry Best Practices and react to an evolving cyber threat landscape.
? Ensure a Minimum Security Baseline is applied, security roles and responsibilities are clear and exist to demonstrate compliance with TWDC policy and best practice.
? Drive the key security metrics and scorecard process to measure relevant success and risk reduction strategies within respective business areas.
? Establish and chair a governance structure within DATG to ensure Program and initiatives are aligned with business priorities
Security Risk Assessments
? Lead and facilitate Information Security Risk Assessments for DATG.
? Establish and maintain a program that fosters the routine use of security risk assessments and risk management planning related to the information security of systems, networks, applications, 3rd parties and related activities.
? Establish and maintain a system that enables the strategic management of assessments, plans, implementations, operations, and usage related to information security throughout DATG.
? Establish and communicate security risk assessments requirements.
Content Protection Policy and Licensing Deal Support
? Serve as the primary Media related piracy and content security technology subject matter expert within DATG.
? Work closely with WDS to assess and evaluate distribution technology.
? Provide technical and content security guidance for technology and business strategy development within Media Operations, Engineering & IT.
? Establish and maintain content security policy and standards in collaboration with Technology Executive management, Business Unit partners and Legal teams and in alignment with the DATG Information Security Program.
? Participate and provide technical input at cross-industry consortia and standard-setting bodies such as DTLA, DCP, MPAA and others.
? Liaise and provide thought leadership with domestic and international colleagues to collaborate on technology policy.
? Establish strategic relationships with technology, operations and digital media departments/industry consortiums and vendors.
Security Training & Awareness
? Establish and maintain a process and artifacts that foster appropriate information security training and awareness across DATG that aligns with the GIS and GS Awareness programs.
? Identify and facilitate the Secure Application Development training needs for the application development teams across DATG.
? Support the delivery of, and identify the audience related to delivering effective and timely information security communications.
Security Operations
? Ensure that all identified remediation requirements resulting from GIS led Security Assessments, Reviews, and Security Incidents are tracked to completion.
? Serve as key point of contact on behalf of DATG during Information Security incidents involving DATG.
? Serve as key point of contact on behalf of DATG with TWDC Corporate Anti-Piracy team to proactively fingerprint and watermark DATG content and respond to and manage piracy.
? Partner closely with Global Security to ensure tight alignment across other TWDC security initiatives and requirements.
Basic Qualifications
? Minimum 12 years in technology organizations with 5-7 years of success leading a security discipline within large organizations.
? Must have thorough knowledge of information security components, principles, practices, and procedures. Must have thorough knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
? Must have thorough knowledge of Content Protection and Security technology, licensing deal reviews and policy.
? Require one of the following certification: CISSP, CISM, CISA or industry equivalent
Required Education
? BA/BS in computer science, engineering or related field
Preferred Education
? Masters or other advanced degree preferred

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.

More Jobs

Director, Information Security Management, Inf...
Sacramento, CA Aerojet Rocketdyne
Director, Information Security Management, Inf...
Canoga Park, CA Aerojet Rocketdyne
Chief Information Security Officer
San Bernardino, CA County of San Bernardino
Director, Information Security
Mill Valley, CA Glassdoor
Chief Information Security Officer
Los Altos, CA Verity Health System of California