Security and Compliance Specialist

Information Technology
in Orlando
, FL
Reference: 19-04464


  • Coordination and successful execution of compliance programs for Parks, Experiences, and Products (DPEP) Technology, including Sarbanes-Oxley, Payment Card Industry, and Data Protection Program (to adhere with data privacy regulations) and others as necessary
  • This individual has primary responsibility for DPEP domestic locations, and provides guidance and partnership to the DPEP international locations
  • Developing the overall timelines and project plans for necessary compliance work, including the following types of activities: collection and QA of requested documentation, process and control walkthrough’s, testing, observations/interviews with Auditors, and remediation to address any control gaps
  • Working with the internal and external auditors as they conduct their audits; this could include coordinating and facilitating site visits, providing them with all requested documentation, and addressing resulting questions or concerns
  • Partnering with internal stakeholders, of varied leadership levels, with responsibility for in-scope applications to educate them on compliance requirements, ensure appropriate controls are in place to meet the requirements and assist them with outlining remediation plans to address any deficiencies
  • Providing work direction to compliance team members, including on-site and off-shore resources
  • Working with Corporate resources to ensure alignment with the overall enterprise Compliance programs
  • Analyzing changes in regulations for our compliance programs and implementing plans for these to be sufficiently addressed

Basic Qualifications:

  • 5+ years of IT audit or IT compliance experience
  • 5+ years of program and project management experience
  • Ability to understand technical risks and issues and recommend solutions to address
  • Ability to communicate technical concepts in business terms
  • Ability to articulate IT compliance requirements and design IT controls
  • Requires one of the following certifications: CISSP, CISM, CISA or equivalent

Preferred Qualifications:

  • Expert project/program management skills, with strong emphasis on organization, communication and prioritization skills
  • Demonstrated verbal and written communication skills
  • Demonstrated record of taking initiative and thorough follow thru
  • Self-starter with leadership skills and the ability to manage multiple tasks concurrently
  • Strong analytical and decision-making skills
  • Strong negotiation and influencing skills
  • Ability to build and maintain constructive working relationships with a diverse community of technical and non-technical audiences
  • Demonstrated experience in identifying compliance risk and development of mitigation/remediation plans
  • Ability to work in large global environments spanning multiple time-zones
  • Experience using the Archer/RSA Governance, Risk and Compliance tool as a document repository for Compliance documentation
  • In depth knowledge of laws, regulations, and industry requirements related to Information Security (i.e. Payment Card Industry, Domestic and International Privacy regulations)
  • QSA certification

Required Education:

  • BA/BS or equivalent