Job Summary:

Disney Parks, Experiences and Products is the global hub that brings Disney’s stories, characters and franchises to life through theme parks and resorts, cruise and vacation experiences, and consumer products. The VP Information Security, DPEP provides the direction and strategy for protecting the confidentiality and integrity of DPEP systems and related infrastructure, ensuring a comprehensive cybersecurity program is effectively managed by leveraging industry best practices to protect and prevent cyber threats based upon business criticality.

Responsibilities:

Overall Responsibilities:

• Designs, builds and implements a DPEP information security management program in accordance with TWDC Information Security Policies & Standards and in alignment with DPEP business priorities
• Provides strategic leadership of DPEP information security program, coordinating information security standards and compliance across all DPEP lines of business
• Provides clear, concise metrics, analytics and reporting of DPEP risk posture to executive stakeholders

Specific Responsibilities:

• Serves as the strategic information security risk advisor to the DPEP CTO and other key DPEP technical and business leaders
• Evaluates DPEP information security risk in accordance with TWDC’s enterprise-wide information security strategy to develop an annual information security management plan specific to DPEP
• Establishes key performance indicators and proactively reports to DPEP executive stakeholders on performance of information security activities and metrics, and related risk posture
• Maintains DPEP information security management program in accordance with Disney enterprise requirements
• Ensures DPEP information security program is integrated with DPEP IT system planning, development and acquisition lifecycle
• Leads DPEP information security-related workflow mapping and related policy and procedural documentation management
• Monitors and ensures compliance with DPEP information security program by DPEP employees, non-employees and third parties
• Ensures individuals accountable for controls are implementing, testing and remediating any control failures effectively
• Leads DPEP change management, vulnerability management, application security and cloud platform security activities in close collaboration with enterprise security teams, ensuring clear and measurable security requirements are available and a clear assessment methodology is in place to allow consistent compliance verification across all environments
• Manages DPEP information security staff in a direct and matrix team structure, and provides leadership to support complex and ever-evolving operational requirements
• Represents the DPEP organization’s security compliance interests in all matters: with partners, suppliers, and industry associations to ensure the bi-directional flow of technical information and best practices in the area of information security
• Regularly evaluates, reviews and reports on the effectiveness of DPEP information security management program

As a key member of The Walt Disney Company Information Security Executive Leadership Team:

• Leads DPEP internal and third-party assessment programs, ensuring that the level of effort for each assessment is commensurate with the sensitivity of information and/or content to be shared
• Provides expert-level analysis of alternatives, design and implementation plans, and recommendations supported by strong research skills and provided through strong communication skills
• Supervises and reviews updates to information security policies, architecture, standards, and/or other technical documents
• Stays abreast of latest industry developments in information security
• Drives innovation of security programs and underlying process and solutions to stay ahead of the threat landscape

Basic Qualifications:

• 15+ years of relevant experience in information security or directly related field
• Proven ability to manage and facilitate annual operating budget and strategic planning
• Demonstrated ability to manage the day-to-day tasks of diverse teams, while effectively influencing senior management on key decisions and direction
• Proven ability to inspire, motivate and lead a team to produce quality work in the development of solutions
• Demonstrated inclusive leadership that embraces diversity
• Demonstrated ability to connect and influence others in order to achieve organizational priorities
• Proven ability to successfully operate in a highly-matrixed organizational system where partnership and influence are key drivers of success
• Demonstrated experience leading large organization-wide security initiatives
• Demonstrated ability to develop teams and mentor staff
• Demonstrated ability to develop geographically and otherwise diverse highly technical teams
• Ability to communicate effectively to executive leadership in both business and technology roles
• Demonstrated exceptional critical thinking, strategic planning, and process management skills
• Proven results in delivering creative and innovative business and technology solutions
• Excellent written and verbal communication skills
• Excellent presentation and group dynamics skills
• Strong familiarity with information security, risk management, and IT governance standards and frameworks (e.g., NIST 800-53, ISO 27000, ISO 31000, etc.)
• Experience in formal risk assessment and risk management practices
• Experience with vulnerability analysis processes and best practices
• Experience managing third-party risk, business continuity risk, and IT operational risk
• Experience establishing and managing control inventories and performing effectiveness reviews
• Experience in Media and Entertainment or related companies
• Proven executive leadership within a complex organization holding a high-profile global brand
• Demonstrated excellence in client/partner relationship management with senior executives
• Excellent orientation to both the details and the bigger picture
• Solid business acumen with a high level of integrity and dependability
• Proactive at finding solutions to complex problems
• Action oriented with high standard for quality and performance

Required Education

• Bachelor’s degree or equivalent required
• Certifications in one of more of the following - CISSP, CISM, CISA, CPP, CRISC, CEH, ITIL

Preferred Education

• Master's Degree is a plus

About Parks, Experiences and Products:

The Parks, Experiences and Products segment includes Disney’s iconic travel and leisure businesses, which include six resort destinations in the United States, Europe and Asia, a top-rated cruise line, a popular vacation ownership program, and an award-winning guided family adventure business. Disney’s global consumer products operations include the world’s leading licensing business across toys, apparel, home goods, digital games and apps; the world’s largest children’s publisher; Disney store locations around the world; and the shopDisney e-commerce platform.

About The Walt Disney Company:

The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise with the following business segments: media networks, parks and resorts, studio entertainment, consumer products and interactive media. From humble beginnings as a cartoon studio in the 1920s to its preeminent name in the entertainment industry today, Disney proudly continues its legacy of creating world-class stories and experiences for every member of the family. Disney’s stories, characters and experiences reach consumers and guests from every corner of the globe. With operations in more than 40 countries, our employees and cast members work together to create entertainment experiences that are both universally and locally cherished.

This position is with Disney Worldwide Services, Inc., which is part of a business segment we call Parks, Experiences and Products.

Disney Worldwide Services, Inc. is an equal opportunity employer. Applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Disney fosters a business culture where ideas and decisions from all people help us grow, innovate, create the best stories and be relevant in a rapidly changing world.