Job Description

Job Posting Title: Security Analyst IIReq ID: 10097569:JOB TITLE: Security AnalystLOCATION: RemoteJOB SUMMARY: The role is for an experienced GRC professional in cybersecurity to support GRC activities and ensure smooth execution of related initiatives. Key responsibilities include supporting the Third-Party Risk Program with due diligence assessments, stakeholder coordination, KPI maintenance, and documentation of findings. The role will support the IT & Cybersecurity Risk Management Program, assist the Cloud Centre of Excellence (CCoE) governance by reviewing cloud operations and ensuring compliance, perform risk assessments, manage the risk register, and maintain Cybersecurity & IT compliance with NIST CSF and ISO 27001 through automated monitoring and reporting.REPORTING TO: Manager - Governance, Risk and complianceKEY RESPONSIBILITIES:

• Support the Third-Party Risk Program

o Carry out third party related due diligence assessments.
o Coordinating with business stakeholder and vendor for program support.
o Maintain KPIs on an ongoing basis.
o Document responses, associated findings, and remediation plans in the TWDC systems

• As part of the Risk Management Program (IT & Cybersecurity), the role will;

o Support collection of individual metrics across the documented risk domains.
o Build dynamic live dashboards that showcase live risk domains, their health, and other associated trends and insights as generated by platform.
o Support reporting process around the program that includes scheduling periodic insights, dashboard updates to specific leaders and teams.
o Perform periodic reviews to ensure CIA of the information is maintained and adjust the metrics, sources, risk calculation and quantitative methods to ensure they are accurate and up-to-date, with automatic validations set up wherever possible.

• Supporting the Cloud Centre of Excellence (CCoE) governance, ensuring implementation of industry best framework and practices in existing and new cloud-related setups. This includes:

o Support process to regularly review cloud operations.
o Support relevant policies and monitoring/reporting procedures to ensure compliance and accountability in cloud operations.

• Perform risk assessments to analyse risks consistently, and implement appropriate treatment and mitigation measures for timely remediation of cyber and IT vulnerabilities.
• Update and manage the risk register for ongoing risk management across various teams, processes, and technology. (Automate wherever possible).
• Support activities to review and maintain Cybersecurity & IT Compliance with internal policies, relevant regulations and standards (e.g., NIST CSF, ISO 27001) through continuous automated monitoring and reporting.

SKILLS & ATTRIBUTES FOR SUCCESS:xefx82xa7 Excellent stakeholder management
xefx82xa7 Working knowledge of information security related best practices and standards such as ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements etc.
xefx82xa7 Basic understanding of Cloud Security
xefx82xa7 Experience in the management of risk, controls, and compliance
xefx82xa7 Knowledge of risk assessment methodologies qualitative/quantitative
xefx82xa7 Excellent analytical and problem-solving skills
xefx82xa7 Excellent presentation making and delivery skillsPREFERRED EDUCATION & EXPERIENCE:
xefx82xa7 Relevant Bachelors/Masters degree from an accredited university or equivalent experience.
xefx82xa7 3-5 years of experience across Third-Party Risk Management, Information Security and Audit & Compliance monitoring
o Minimum of 2 years in TPRM/Internal Audit/Risk.
xefx82xa7 Preferred experience with a large company and/or Big 4 accounting firm.
xefx82xa7 One or more credentials - CISA, CRISC, ISO27001 LA/LI, CISSP, CCSSP.
xefx82xa7 Experience in AI/ML and Cloud Finops is a plus.ABOUT US:
Disney Star is a leading media & entertainment company in India that reaches over 700 million viewers a month in nine different languages. Our entertainment portfolio which cuts across general entertainment, movies, sports, infotainment, kids, and lifestyle content generates over 20,000 hours of original content every year.
Disney+ Hotstar, Indias leading streaming platform, enables us to reach and entertain audiences anywhere, anytime. Disney+ Hotstar has changed the way Indians consume their entertainment - from their favourite TV shows and movies to sporting extravaganzas.
With leadership positions in every segment it occupies, Disney Star has been redefining the media landscape for more than 30 years now, anchored on the three pillars of storytelling, innovation, and an unwavering focus on delivering to the expectations of our audiences.Join us, and let's continue to inspire a billion imaginations.WHY JOIN US:
Because our employees and cast members are at the heart of everything we do, Disney offers a competitive total rewards package that includes pay, health and savings benefits, time-off programs, special educational opportunities and more. Together, these rewards make up a comprehensive package that helps our employees grow personally and professionally and take advantage of the special extras that only Disney STAR can offer to make their journey memorableOfficial Company Pages: ;Official Careers: ;LinkedIn: ;Job Posting Segment: Enterprise TechnologyJob Posting Primary Business: Corporate Global Information SecurityPrimary Job Posting Category: Security GovernanceEmployment Type: Full timePrimary City, State, Region, Postal Code: Mumbai, IndiaAlternate City, State, Region, Postal Code:Date Posted: 2024-08-13

The Walt Disney Company