Lead Compliance Analyst
Technology is at the heart of Disney's past, present, and future. Disney Entertainment and ESPN Product & Technology is a global organization of engineers, product developers, designers, technologists, data scientists, and more all working to build and advance the technological backbone for Disney's media business globally.
The team marries technology with creativity to build world-class products, enhance storytelling, and drive velocity, innovation, and scalability for our businesses. We are Storytellers and Innovators. Creators and Builders. Entertainers and Engineers. We work with every part of The Walt Disney Company's media portfolio to advance the technological foundation and consumer media touch points serving millions of people around the world.
The Lead Compliance Analyst will serve as a key member of the DE&E Product & Technology coordination team, partnering closely with TWDC GIS and other security and regulatory groups across TWDC, as well as stakeholders throughout DE&E Product & Technology Pillars.
This role will own and manage SOX and PII compliance activities, including user access reviews, governance, and administrative functions as part of the attestation cycle, transitioning these responsibilities from CDI teams. The analyst will ensure quarterly compliance and lead readiness efforts for certifications, attestations, security assessments (internal and third-party), and user access reviews (UARs).
In addition to maintaining compliance, the analyst will ensure all SOX and PII campaigns are executed accurately and that corrective actions are implemented promptly. They will also drive process improvement by streamlining workflows and implementing automation to replace manual tasks.
Additional responsibilities include:
- Building strong relationships within CDI to identify and communicate compliance risks.
- Establishing governance frameworks and fostering a positive compliance culture.
- Defining and refining processes to support regulatory requirements and external audit expectations.
- Innovating and improving operational efficiency through automation and best practices.
This position requires a proactive leader who can balance compliance obligations with continuous improvement, ensuring DE&E Product & Technology remains aligned with internal policies and external regulatory standards.
Responsibilities:
- Own and manage SOX and PII compliance activities, including user access reviews, governance, and administrative functions as part of the attestation cycle; ensure timely and accurate evidence collection and storage.
- Ensure all SOX and PII campaigns are executed accurately and that corrective actions are implemented promptly to maintain compliance and address gaps.
- Lead the transition of compliance responsibilities from CDI teams, including moving from manual user access reviews to automated processes.
- Coordinate compliance campaigns such as certifications/attestations, security assessments (internal and third-party), user access reviews (UARs), and quarterly/annual risk assessments.
- Streamline and automate compliance processes to improve efficiency, reduce operational risk, and support implementation of tools for compliance reporting and management.
- Establish governance frameworks and foster a positive compliance culture, defining effective processes aligned with regulatory and audit requirements; enforce ISPS policy across teams.
- Serve as liaison between engineering teams and audit/security groups, ensuring clear communication and timely delivery of regulatory and non-regulatory compliance activities.
- Monitor and audit programs and processes, conducting routine internal reviews and producing standard/ad hoc reports on compliance status for leadership.
- Identify and communicate compliance risks, providing support to management in risk mitigation and ensuring operational processes meet compliance standards.
- Coordinate across multiple teams using technology, ensuring policies and processes are implemented effectively without disrupting day-to-day operations.
- Develop subject matter expertise in DE&E Product & Technology products and applications to lead compliance campaigns and governance activities.
Basic Qualifications:
- 7+ years of analytical, project management, or other relevant experience preferred
- Bachelor's degree or equivalent experience in compliance and security compliance sectors
- Strong communication skills, as well as written and verbal presentation skills
- Demonstrated experience leading or managing large projects that span organizational units
- Basic knowledge of the entertainment industry and digital content delivery terminology and technology