Description/Comment:
- Coordination and successful execution of compliance programs for Parks, Experiences, and Products (DPEP) Technology, including Sarbanes-Oxley, Payment Card Industry, and Data Protection Program (to adhere to data privacy regulations) and others as necessary
- This individual has primary responsibility for DPEP domestic locations, and provides guidance and partnership to the DPEP international locations
- Developing the overall timelines and project plans for necessary compliance work, including the following types of activities: collection and QA of requested documentation, process and control walkthroughs, testing, observations/interviews with Auditors, and remediation to address any control gaps
- Working with the internal and external auditors as they conduct their audits; this could include coordinating and facilitating site visits, providing them with all requested documentation, and addressing resulting questions or concerns
- Partnering with internal stakeholders, of varied leadership levels, with responsibility for in-scope applications to educate them on compliance requirements, ensure appropriate controls are in place to meet the requirements and assist them with outlining remediation plans to address any deficiencies
- Providing work direction to compliance team members, including on-site and off-shore resources
- Working with Corporate resources to ensure alignment with the overall enterprise Compliance programs
- Analyzing changes in regulations for our compliance programs and implementing plans for these to be sufficiently addressed
Basic Qualifications:
- 5+ years of IT audit or IT compliance experience
- 5+ years of program and project management experience
- Ability to understand technical risks and issues and recommend solutions to address them
- Ability to communicate technical concepts in business terms
- Ability to articulate IT compliance requirements and design IT controls
- Requires one of the following certifications: CISSP, CISM, CISA or equivalent
Preferred Qualifications:
- Expert project/program management skills, with strong emphasis on organization, communication and prioritization skills
- Demonstrated verbal and written communication skills
- Demonstrated record of taking initiative and thorough follow-through
- Self-starter with leadership skills and the ability to manage multiple tasks concurrently
- Strong analytical and decision-making skills
- Strong negotiation and influencing skills
- Ability to build and maintain constructive working relationships with a diverse community of technical and non-technical audiences
- Demonstrated experience in identifying compliance risk and development of mitigation/remediation plans
- Ability to work in large global environments spanning multiple time zones
- Experience using the Archer/RSA Governance, Risk and Compliance tool as a document repository for Compliance documentation
- In-depth knowledge of laws, regulations, and industry requirements related to Information Security (e.g. Payment Card Industry, Domestic and International Privacy regulations)
- QSA certification
Required Education:
- BA/BS or equivalent