At Disney, we’re storytellers. We make the impossible, possible. The Walt Disney Company is a world-class entertainment and technological leader. Walt’s passion was to continuously envision new ways to move audiences around the world—a passion that remains our touchstone in an enterprise that stretches from theme parks, resorts and a cruise line to sports, news, movies and a variety of other businesses. Uniting each endeavor is a commitment to creating and delivering unforgettable experiences — and we’re constantly looking for new ways to enhance these exciting experiences.
The Enterprise Technology mission is to deliver technology solutions that align to business strategies while enabling enterprise efficiency and promoting cross-company collaborative innovation. Our group drives competitive advantage by enhancing our consumer experiences, enabling business growth, and advancing operational excellence.
The Global Network Engineering & Operations organization supports a large and complex portfolio of enterprise network assets operating within an evolving regulatory and internal governance landscape. To sustain a resilient and mature Network Quality Engineering, Risk Management, and Compliance program, the organization maintains dedicated, in‑house control ownership. Compliance Specialists serve as stewards of network security and standards spanning architecture, configuration, and hardware and software platforms while proactively mitigating intellectual property, vulnerability, and operational risks. The team preserves institutional knowledge, ensures long‑term compliance continuity, and drives accountability through disciplined remediation leadership, structured reporting, and continuous oversight.
What You Will Do:
Own and govern network compliance with Disney Information Security Policies and Standards, ensuring sustained alignment with applicable regulatory and industry frameworks, including PCI DSS, SOC 2, and ISO 27001.
Lead enterprise‑wide network audit readiness and execution across multiple audit cycles, including planning, evidence strategy, control walkthroughs, auditor engagement, and timely remediation and closure of audit findings.
Partner with network engineering, operations, and cybersecurity teams to evaluate compliance and security impacts, validate technical control implementation, and drive remediation across infrastructure, application, and AI‑enabled environments.
Establish and maintain a risk management process by identifying, documenting, tracking, and reporting security, compliance, and operational risks, ensuring clear ownership, escalation, and resolution.
Design and operate automated, audit‑ready evidence and assurance processes, including structured evidence capture, centralized repositories, and repeatable audit workflows that reduce manual effort and improve audit quality.
Develop AI/ML‑specific compliance and assurance artifacts by automating control evidence capture and documenting security design decisions and risk acceptance to support internal reviews, regulatory inquiries, and external audits.
Assess AI/ML and generative AI solutions to ensure compliance with enterprise security, privacy, and data protection requirements, including secure data handling, access controls, model integration, and lifecycle governance.
Produce clear, decision‑focused compliance metrics, dashboards, and executive‑level reporting that communicate security posture, control effectiveness, and risk trends to senior leadership and diverse stakeholders.
Participate in reviews of incidents, changes, and significant operational events, applying lessons learned to strengthen security controls, standards, and governance processes while supporting stable and resilient services.
Assess AI/ML and generative AI solutions to ensure alignment with enterprise security, privacy, and compliance requirements, including data protection, access controls, and secure model integration.
Qualifications:
5+ years’ experience working in IT environments
Demonstrated ability to work directly with engineering, operations, and cybersecurity teams to assess compliance impacts, validate control implementation, and support remediation in real‑world technical environments.
Proven experience managing security controls and audit activities across recognized frameworks (e.g., PCI DSS, SOC 2, ISO 27001, NIST), including evidence collection, control mapping, remediation tracking, and auditor engagement across multiple audit cycles.
Experience performing risk assessments and communicating compliance posture and risk decisions through clear documentation, metrics, and executive‑level reporting to support governance, prioritization, and risk acceptance decisions.
Hands‑on experience designing, developing, or integrating AI/ML or Generative AI solutions within enterprise environments, including model development, model consumption, or AI‑enabled application workflows.
Experience participating in reviews of service issues, changes, or operational events, and using lessons learned to improve policies, standards, or controls in a way that supports stable and reliable services.
Working knowledge of network, infrastructure, and information security fundamentals, including common security protocols, operating systems, and internet‑based technologies, with the ability to apply these concepts when supporting compliance and security activities.
Ability to identify and document security or operational risks, raise issues in a timely manner, and assist with tracking remediation actions while providing regular updates on progress, risks, and issues to project teams or stakeholders.
Clear and effective communication skills, with experience explaining technical or procedural topics to both technical and non‑technical audiences and working collaboratively with cross‑functional teams.
Preferred Qualifications:
Security certifications such as CISSP, CISM, CISA, or equivalent; network certifications such as CCNA
Project Management Professional certification or relevant experience
Bachelor’s degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
The hiring range for this position in New York is $112,000 to $150,000 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate’s geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.