Security Specialist at Disney

What you'd actually do

Independent audit support for: SOX 404 ITGC, PII, PCI, ISPS

Perform control health checks and remediation testing procedures to address issues identified via audit assessments, internal or external audits, and/or other assessments.

Participate in audit walkthrough meetings to gain operational comfort in the design of the Company’s automated controls.

Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment

Perform control finding investigation and record in internal SOCD/SAD

Skills

Required

Minimum of 3 years of IT SOX experience and proven experience in supporting IT audit/compliance functions
Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives
Interpersonal skills with the ability to work with teams cross-functionally
Strong verbal and written communication skills
Ability to effectively communicate to technical and non-technical audiences
Highly organized and efficient
Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments

Nice to have

Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR
Experience working with companies that have a heavy microservice architecture

Job Posting Title:

Security Specialist

Req ID:

10139723

Job Description:

At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company (TWDC) is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.

The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.

The Global Information Security (GIS) organization strives to secure the magic by employing best-in-class services to assess, prevent, detect, and respond to cyber threats that present risk to The Walt Disney Company. We enable the business by integrating enterprise and business segment-specific supported services to create a robust, efficient, and adaptable cybersecurity program. Our key objectives are to:

Secure the Magic by protecting information systems and platforms.
Reduce Risk by proactively assessing, preventing, and detecting to prevent harm to the Company and our Guests.
Strengthen the business through optimizing execution, application, and technology used to protect the Company.
Innovate by investing in core capabilities to enhance operational efficiency.

Team Description:

Global Information Security (GIS) supports all of Disney’s business segments, including Disney Entertainment & ESPN (DE&E). DE&E encompasses the operations of Disney’s streaming services—Disney+, Hulu, ESPN+, Disney+ Hotstar, Star, and the upcoming Venu Sports streaming service—as well as Disney’s broadcast and cable networks, including ABC, ESPN, FX, Disney Channels, and National Geographic. DE&E sits at the intersection of entertainment, sports, and technology, striving to connect viewers with beloved stories while advancing the streaming industry with consumer-first innovations. Security professionals supporting DE&E work with industry-leading technologies to deliver world-class, highly secure services to customers.

What You’ll Do:

Independent audit support for:
- SOX 404 ITGCs
- PII
- PCI
- ISPS
Perform control health checks and remediation testing procedures to address issues identified via audit assessments, internal or external audits, and/or other assessments.
Participate in audit walkthrough meetings to gain operational comfort in the design of the Company’s automated controls.
Perform impact analysis and risk assessment on deficiency findings and documentation associated with the assessment
Perform control finding investigation and record in internal SOCD/SAD
Provide requirements input to Development leads to identify and implement automation and efficiency opportunities to meet governance and compliance demands.
Provide program status updates to management
Work with stakeholders to obtain audit evidence

Required Qualifications & Skills:

Minimum of 3 years of IT SOX experience and proven experience in supporting IT audit/compliance functions
Thorough understanding of SOX ITGC and ICFR 404 standards and audit objectives
Interpersonal skills with the ability to work with teams cross-functionally
Strong verbal and written communication skills
Ability to effectively communicate to technical and non-technical audiences
Highly organized and efficient
Ability to navigate through ambiguity, manage and coordinate multiple project assignments simultaneously in a fast-paced, deadline-driven environment, accepting ownership and accountability of the process and deliver on commitments

Preferred Qualifications:

Experience and knowledge of NIST framework, ISO 27001, K-ISMS, GDPR
Experience working with companies that have a heavy microservice architecture

Required Education:

Bachelor’s degree in Computer Science, CPA license, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience

#DISNEYTECH

The hiring range for this position in Burbank, CA is $97,500.00 to $130,700.00 per year, in Santa Monica, CA is 97,500.00 to $130,700.00 and in Glendale, CA is $97,500.00 to $130,700.00 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.

Job Posting Segment:

Enterprise Technology

Job Posting Primary Business:

Corporate Global Information Security

Primary Job Posting Category:

Security Governance

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Burbank, CA, USA

Alternate City, State, Region, Postal Code:

USA - CA - 1200 Grand Central Ave, USA - CA - 2450 Broadway

Date Posted:

2026-01-26