Sr Information Security Specialist - External Threat
Job Summary:The Global Information Security (GIS) group provides services and solutions to protect the value and use of Disney’s information through risk evaluation, collaboration, standardization, enforcement, and education across the enterprise. We protect the brand and reputation while enabling and supporting business objectives. GIS teams are located in Seattle WA, Burbank CA, Bristol CT, New York NY, and Orlando FL - and will consider candidates for any of these locations.
In order to ensure that our services keep TWDC secure, we follow an ongoing, iterative process, including continued reevaluation of our services over time to address emerging threats as well as changes in business and technology. This process includes:
- Analysis of known and emerging threats to determine risks against TWDC assets
- Creation, maintenance, governance and communication of security policies and standards across TWDC
- Assessment and audit of compliance against the security policies and standards
- Assurance that TWDC assets are effectively managed and monitored to meet TWDC security criteria
We are looking to add people to our team who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, passionate about information security and love their work.
Responsibilities:The Senior Security Specialist reports to the manager of operations for the Information Security Forensic, Investigation, Response and Enhanced Detection (F.I.R.E) team. This role plays a critical role with ensuring the overall effectiveness and efficiency of GIS F.I.R.E team operations is maintained and or matured. The role is also responsible for evaluating reported or identified security risks, facilitating and executing strategic remediation, driving security initiatives, or efforts to improve the company’s overall security posture.
Key areas of responsibility include:
- Facilitate end-to-end security activities surrounding systemic issues identified during security incidents and associated actions beyond stopping the initial threat such as, but not limited to:
- Support incident response post incident reviews and drive lessons learned and best practices towards continuous improvement; ensure timely completion/closure
- Compile all F.I.R.E data, metrics, and executive summaries to ensure timely development of F.I.R.E Operations deliverables (Monthly Business Reviews, Cyber trend reports, etc.)
- Collaborate with GIS peers to deliver analysis and briefings around security operations efficiency, effectiveness and coverage.
- Support incident recap and trends debriefs with GIS partners: AppSec, CAT, EVM, Risk Mgmt
- Evaluate security concerns and potential threats raised by business, IT and security partners across the enterprise and/or cyber intelligence activities to determine the appropriate course of engagement including assessments, remediation, or risk acceptance.
- Identification/development of risk observations sourced from incident trends and security concerns
- Execute Critical Response actions sourced from Cyber Intelligence reports
- Support Security Breach evaluations to determine potential risks to the company’s security posture
- Coordinate and distribute updates or response actions to leaders
- Support and facilitate actions for HR, ER or legal investigations (i.e. account disablements, network access removal, etc.)
- Support F.I.R.E. strategy and planning efforts to identify and execute fiscal year goals and objectives and ensure alignment with GIS global strategy and business objectives. Ensure all changes are prioritized and supported through appropriate risk assessment and analysis.
- Support operational oversight and perform audits of F.I.R.E operational services and requirements to drive maturation, effectiveness and efficiency of strategy and processes with teams.
Basic Qualifications:
- Minimum 3 years work experience within an information security function; technical role or functional exposure to the areas of information security operations, incident response, anomaly detection, and vulnerability management
- Understanding of overall security landscape including concepts around governance, compliance, security controls
- Foundational technical knowledge in computing hardware, application development, network technologies, and Cloud services
- Ability to break down and communicate technically complex security solutions and impacts for non-technical audiences
- General understanding of security threats, attacks and tactics
Preferred Education
- BA/BS in business or computer science or appropriate work experience within the information technology/security
- CISSP or equivalent
Additional Information:DISNEYTECH
#LI-JH8