Job Posting Title:

Security Analyst II

Req ID:

10097569

Job Description:

JOB TITLE: Security Analyst

LOCATION: Remote

JOB SUMMARY: The role is for an experienced GRC professional in cybersecurity to support GRC activities and ensure smooth execution of related initiatives. Key responsibilities include supporting the Third-Party Risk Program with due diligence assessments, stakeholder coordination, KPI maintenance, and documentation of findings. The role will support the IT & Cybersecurity Risk Management Program, assist the Cloud Centre of Excellence (CCoE) governance by reviewing cloud operations and ensuring compliance, perform risk assessments, manage the risk register, and maintain Cybersecurity & IT compliance with NIST CSF and ISO 27001 through automated monitoring and reporting.

REPORTING TO: Manager - Governance, Risk and compliance

KEY RESPONSIBILITIES: 
•    Support the Third-Party Risk Program
o    Carry out third party related due diligence assessments.
o    Coordinating with business stakeholder and vendor for program support.
o    Maintain KPIs on an ongoing basis.
o    Document responses, associated findings, and remediation plans in the TWDC systems
•    As part of the Risk Management Program (IT & Cybersecurity), the role will; 
o    Support collection of individual metrics across the documented risk domains.
o    Build dynamic live dashboards that showcase live risk domains, their health, and other associated trends and insights as generated by platform.
o    Support reporting process around the program that includes scheduling periodic insights, dashboard updates to specific leaders and teams.
o    Perform periodic reviews to ensure CIA of the information is maintained and adjust the metrics, sources, risk calculation and quantitative methods to ensure they are accurate and up-to-date, with automatic validations set up wherever possible.
•    Supporting the Cloud Centre of Excellence (CCoE) governance, ensuring implementation of industry best framework and practices in existing and new cloud-related setups. This includes:
o    Support process to regularly review cloud operations.
o    Support relevant policies and monitoring/reporting procedures to ensure compliance and accountability in cloud operations.
•    Perform risk assessments to analyse risks consistently, and implement appropriate treatment and mitigation measures for timely remediation of cyber and IT vulnerabilities. 
•    Update and manage the risk register for ongoing risk management across various teams, processes, and technology. (Automate wherever possible).
•    Support activities to review and maintain Cybersecurity & IT Compliance with internal policies, relevant regulations and standards (e.g., NIST CSF, ISO 27001) through continuous automated monitoring and reporting.

SKILLS & ATTRIBUTES FOR SUCCESS: 

    Excellent stakeholder management
    Working knowledge of information security related best practices and standards such as ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements etc.
    Basic understanding of Cloud Security
    Experience in the management of risk, controls, and compliance
    Knowledge of risk assessment methodologies – qualitative/quantitative
    Excellent analytical and problem-solving skills
    Excellent presentation making and delivery skills

PREFERRED EDUCATION & EXPERIENCE: 
    Relevant Bachelor’s/Master’s degree from an accredited university or equivalent experience.
    3-5 years of experience across Third-Party Risk Management, Information Security and Audit & Compliance monitoring 
o    Minimum of 2 years in TPRM/Internal Audit/Risk.
    Preferred experience with a large company and/or Big 4 accounting firm.
    One or more credentials - CISA, CRISC, ISO27001 LA/LI, CISSP, CCSSP.
    Experience in AI/ML and Cloud Finops is a plus.

ABOUT US: 
Disney Star is a leading media & entertainment company in India that reaches over 700 million viewers a month in nine different languages. Our entertainment portfolio which cuts across general entertainment, movies, sports, infotainment, kids, and lifestyle content generates over 20,000 hours of original content every year. 
Disney+ Hotstar, India’s leading streaming platform, enables us to reach and entertain audiences anywhere, anytime. Disney+ Hotstar has changed the way Indians consume their entertainment - from their favourite TV shows and movies to sporting extravaganzas. 
With leadership positions in every segment it occupies, Disney Star has been redefining the media landscape for more than 30 years now, anchored on the three pillars of storytelling, innovation, and an unwavering focus on delivering to the expectations of our audiences.  

Join us, and let's continue to inspire a billion imaginations.

WHY JOIN US: 
Because our employees and cast members are at the heart of everything we do, Disney offers a competitive total rewards package that includes pay, health and savings benefits, time-off programs, special educational opportunities and more. Together, these rewards make up a comprehensive package that helps our employees grow personally and professionally and take advantage of the special extras that only Disney STAR can offer to make their journey memorable

Official Company Pages: Disney Star; Disney+ Hotstar

Official Careers: Disney Star Careers; Disney+ Hotstar Careers

LinkedIn: Disney Star; Disney+ Hotstar

Job Posting Segment:

Corporate Global Information Security

Job Posting Primary Business:

Network - Global Information Security

Primary Job Posting Category:

Security Governance

Employment Type:

Full time

Primary City, State, Region, Postal Code:

Mumbai, India

Alternate City, State, Region, Postal Code:

Date Posted:

2024-08-13