Security Governance Lead - Secrets Management & Privileged Access Management SME
Who We Are
The Identity Cyber Process, Governance & Administration team is one of the primary functional teams under the enterprise-supporting Identity and Access Management (IAM) organization within Enterprise Technology.
This team is accountable and essential for the security and governance of the core identity services across the organization, including Secrets Management and Privileged Access Management (PAM). Specifically, this team's mission is to define, deliver, enforce and administer policies, standards, controls, platforms, and security practices for workforce identity across The Walt Disney Company (TWDC) to reduce security risk and enable IAM service effectiveness.
What You Will Do
We Are Hiring a Security Governance Lead - Secrets Management & PAM SME
You will be responsible for driving forward all cyber process, governance, and administration initiatives around the enterprise Secrets Management program and enterprise PAM solution, which includes governance around secret scanning and storage, security of the enterprise PAM solution, secrets solutions configuration management, and timely securing of secrets enterprise wide.
This role will serve as a large contributor to both the Secrets Management and PAM strategies and roadmaps as the dedicated Governance Lead, driving forward program objectives, and executing on key initiatives to meet these objectives. This role requires partnerships with various service teams in Global Information Security (GIS), segment Information Security Officer (ISO) teams, GIS Governance, Legal, and various product or service teams managing the PAM solution and secrets management ecosystem (e.g., scanning solutions, secrets storage solutions, etc.) to effectively drive direction in these programs and remediate exposed gaps.
Responsibilities:
? Engage across the company with strategic partners as the enterprise-wide Governance Lead for the Secrets Management and PAM service.
? Own majority of executive and business partner communications on risk reporting for the Secrets Management and PAM service, including to segment security teams, internal audit teams, etc.
? Act as a SME in driving improvements towards risk reduction to the overall Secrets Management and PAM service. Gain buy-in from key stakeholders for program success.
? Manage multiple competing tasks/responsibilities simultaneously, including program roadmap advancement and oversight, engagement with customers, intra-team coordination and collaboration, stakeholder reporting, etc.
? Provide knowledge of TWDC information security and regulatory policies and standards in the areas of secrets management and PAM
Must Have
? Minimum of 5+ years? experience with hands-on Secrets Management including scanning and vaulting platforms, secrets remediation, and risk reduction reporting
? Direct experience with securing exposed secrets, assisting to further refining scanning results
? Strong knowledge of Privileged Access Management (PAM) solutions and governance processes
? Experience partnering on technical risk assessments, performing advanced data analytics, facilitating compliance evaluations
? Experience driving governance methodologies, creating technical standards, designing visual dashboard/reporting mechanisms, and formulating risk remediation strategies
? Prior working experience in assessing and reviewing configurations of various secrets scanning solutions.
? This is a highly autonomous role, and you will need to solve common secrets management and PAM gaps
? Familiarity with various secrets management solutions, such as GitGuardian, ArmorCode, cloud scanning solutions, and vaulting solutions (e.g., HashiCorp, AWS Secrets Manager, Azure Key Vault, etc.)
Nice-to-Have
? CISSP certification
Education
? Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
The hiring range for this position in New York City and Seattle, WA is $120,300-$161,300 per year and in California is $114,900-$154,100 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Apply Now
The Identity Cyber Process, Governance & Administration team is one of the primary functional teams under the enterprise-supporting Identity and Access Management (IAM) organization within Enterprise Technology.
This team is accountable and essential for the security and governance of the core identity services across the organization, including Secrets Management and Privileged Access Management (PAM). Specifically, this team's mission is to define, deliver, enforce and administer policies, standards, controls, platforms, and security practices for workforce identity across The Walt Disney Company (TWDC) to reduce security risk and enable IAM service effectiveness.
What You Will Do
We Are Hiring a Security Governance Lead - Secrets Management & PAM SME
You will be responsible for driving forward all cyber process, governance, and administration initiatives around the enterprise Secrets Management program and enterprise PAM solution, which includes governance around secret scanning and storage, security of the enterprise PAM solution, secrets solutions configuration management, and timely securing of secrets enterprise wide.
This role will serve as a large contributor to both the Secrets Management and PAM strategies and roadmaps as the dedicated Governance Lead, driving forward program objectives, and executing on key initiatives to meet these objectives. This role requires partnerships with various service teams in Global Information Security (GIS), segment Information Security Officer (ISO) teams, GIS Governance, Legal, and various product or service teams managing the PAM solution and secrets management ecosystem (e.g., scanning solutions, secrets storage solutions, etc.) to effectively drive direction in these programs and remediate exposed gaps.
Responsibilities:
? Engage across the company with strategic partners as the enterprise-wide Governance Lead for the Secrets Management and PAM service.
? Own majority of executive and business partner communications on risk reporting for the Secrets Management and PAM service, including to segment security teams, internal audit teams, etc.
? Act as a SME in driving improvements towards risk reduction to the overall Secrets Management and PAM service. Gain buy-in from key stakeholders for program success.
? Manage multiple competing tasks/responsibilities simultaneously, including program roadmap advancement and oversight, engagement with customers, intra-team coordination and collaboration, stakeholder reporting, etc.
? Provide knowledge of TWDC information security and regulatory policies and standards in the areas of secrets management and PAM
Must Have
? Minimum of 5+ years? experience with hands-on Secrets Management including scanning and vaulting platforms, secrets remediation, and risk reduction reporting
? Direct experience with securing exposed secrets, assisting to further refining scanning results
? Strong knowledge of Privileged Access Management (PAM) solutions and governance processes
? Experience partnering on technical risk assessments, performing advanced data analytics, facilitating compliance evaluations
? Experience driving governance methodologies, creating technical standards, designing visual dashboard/reporting mechanisms, and formulating risk remediation strategies
? Prior working experience in assessing and reviewing configurations of various secrets scanning solutions.
? This is a highly autonomous role, and you will need to solve common secrets management and PAM gaps
? Familiarity with various secrets management solutions, such as GitGuardian, ArmorCode, cloud scanning solutions, and vaulting solutions (e.g., HashiCorp, AWS Secrets Manager, Azure Key Vault, etc.)
Nice-to-Have
? CISSP certification
Education
? Bachelor's degree in Computer Science, Information Systems, Software, Electrical or Electronics Engineering, or comparable field of study, and/or equivalent work experience
The hiring range for this position in New York City and Seattle, WA is $120,300-$161,300 per year and in California is $114,900-$154,100 per year. The base pay actually offered will take into account internal equity and also may vary depending on the candidate's geographic region, job-related knowledge, skills, and experience among other factors. A bonus and/or long-term incentive units may be provided as part of the compensation package, in addition to the full range of medical, financial, and/or other benefits, dependent on the level and position offered.
Apply Now