Principal Compliance Analyst
The Walt Disney Company, Bristol, CT, United States
Principal Compliance Analyst
Location: Bristol, Connecticut, United States / New York, New York, United States
Business: Disney Entertainment and ESPN Product & Technology
Job ID: 10147758
Date posted: Apr. 22, 2026
Role Summary
The NIST Principal Compliance Analyst serves as the central execution authority for the NIST Cybersecurity Framework (CSF) initiatives, driving operational resilience across enterprise security programs within Disney Entertainment and ESPN Product & Technology.
Program Philosophy & Operating Model
Framework Alignment – all initiatives map to the NIST CSF domains: Identify, Protect, Detect, Respond, Recover.
Measurable Progress – security improvements quantified via maturity targets and scorecards.
Transparent Governance – program progress visible to engineering teams, program leaders, and executive stakeholders.
Cross‑Enterprise Collaboration – coordination across security engineering, infrastructure, application development, and operations.
Key Responsibilities
Serve as enterprise program leader responsible for the NIST CSF roadmap execution.
Establish governance model for initiatives, including ownership, accountability, and reporting cadence.
Coordinate program execution across security engineering, infrastructure, and application teams.
Ensure initiatives progress from design to deployment to operational maturity.
Oversee workstreams: IT Asset Management/CMDB, Zero Trust architecture, DSPM, PAM, identity governance, secrets management, consumer protection controls, AI security governance, insider threat monitoring, vendor risk, patch and vulnerability automation.
Maintain clear deliverables, milestone tracking, measurable outcomes, and NIST alignment.
Build and maintain security maturity scorecards, dashboards, and executive‑level reporting.
Lead matrixed execution without direct authority, influencing engineering leaders and architects.
Continuously assess security posture, identify gaps, coordinate remediation, and ensure sustainable improvements.
Participate in steering committee, coordinate initiative leads, and manage program coordination layer.
Qualifications
10+ years in enterprise security, security architecture, risk management, or security program leadership.
Experience leading large‑scale security or transformation programs.
Familiarity with NIST, ISO 27001, PCI DSS, or SOX security programs.
Experience coordinating cross‑functional engineering, technical, data, and security initiatives in complex enterprise environments.
Bachelor’s degree required.
Core Competencies
Enterprise program leadership
Matrix leadership across engineering teams
Strategic planning and operational execution
Security framework interpretation and implementation
Executive communication and influence
Data‑driven program reporting
Impact of This Role
Improves measurable maturity against the NIST Cybersecurity Framework.
Strengthens enterprise security posture across identity, asset visibility, privileged access, and data protection.
Provides clear leadership insight into security maturity and risk exposure.
Aligns engineering teams with operational security improvements while maintaining delivery velocity.
Demonstrates to customers, partners, regulators, and shareholders a structured, continuously improving security posture.
Compensation & Benefits
Hiring range: Connecticut $155,700 to $208,700 per year; New York $163,100 to $218,700 per year. Base pay considers internal equity and geographical factors. Bonus and/or long‑term incentive units may be provided, along with medical, financial, and other benefits.
Equal Employment Opportunity
Disney Entertainment & Sports LLC is an equal opportunity employer. Applicants will receive consideration without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information, disability, or any other basis prohibited by law.
Disability Accommodation for Employment Applications
If you have a disability and require a reasonable accommodation to apply, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries.
#J-18808-Ljbffr
Location: Bristol, Connecticut, United States / New York, New York, United States
Business: Disney Entertainment and ESPN Product & Technology
Job ID: 10147758
Date posted: Apr. 22, 2026
Role Summary
The NIST Principal Compliance Analyst serves as the central execution authority for the NIST Cybersecurity Framework (CSF) initiatives, driving operational resilience across enterprise security programs within Disney Entertainment and ESPN Product & Technology.
Program Philosophy & Operating Model
Framework Alignment – all initiatives map to the NIST CSF domains: Identify, Protect, Detect, Respond, Recover.
Measurable Progress – security improvements quantified via maturity targets and scorecards.
Transparent Governance – program progress visible to engineering teams, program leaders, and executive stakeholders.
Cross‑Enterprise Collaboration – coordination across security engineering, infrastructure, application development, and operations.
Key Responsibilities
Serve as enterprise program leader responsible for the NIST CSF roadmap execution.
Establish governance model for initiatives, including ownership, accountability, and reporting cadence.
Coordinate program execution across security engineering, infrastructure, and application teams.
Ensure initiatives progress from design to deployment to operational maturity.
Oversee workstreams: IT Asset Management/CMDB, Zero Trust architecture, DSPM, PAM, identity governance, secrets management, consumer protection controls, AI security governance, insider threat monitoring, vendor risk, patch and vulnerability automation.
Maintain clear deliverables, milestone tracking, measurable outcomes, and NIST alignment.
Build and maintain security maturity scorecards, dashboards, and executive‑level reporting.
Lead matrixed execution without direct authority, influencing engineering leaders and architects.
Continuously assess security posture, identify gaps, coordinate remediation, and ensure sustainable improvements.
Participate in steering committee, coordinate initiative leads, and manage program coordination layer.
Qualifications
10+ years in enterprise security, security architecture, risk management, or security program leadership.
Experience leading large‑scale security or transformation programs.
Familiarity with NIST, ISO 27001, PCI DSS, or SOX security programs.
Experience coordinating cross‑functional engineering, technical, data, and security initiatives in complex enterprise environments.
Bachelor’s degree required.
Core Competencies
Enterprise program leadership
Matrix leadership across engineering teams
Strategic planning and operational execution
Security framework interpretation and implementation
Executive communication and influence
Data‑driven program reporting
Impact of This Role
Improves measurable maturity against the NIST Cybersecurity Framework.
Strengthens enterprise security posture across identity, asset visibility, privileged access, and data protection.
Provides clear leadership insight into security maturity and risk exposure.
Aligns engineering teams with operational security improvements while maintaining delivery velocity.
Demonstrates to customers, partners, regulators, and shareholders a structured, continuously improving security posture.
Compensation & Benefits
Hiring range: Connecticut $155,700 to $208,700 per year; New York $163,100 to $218,700 per year. Base pay considers internal equity and geographical factors. Bonus and/or long‑term incentive units may be provided, along with medical, financial, and other benefits.
Equal Employment Opportunity
Disney Entertainment & Sports LLC is an equal opportunity employer. Applicants will receive consideration without regard to race, religion, color, sex, sexual orientation, gender, gender identity, gender expression, national origin, ancestry, age, marital status, military or veteran status, medical condition, genetic information, disability, or any other basis prohibited by law.
Disability Accommodation for Employment Applications
If you have a disability and require a reasonable accommodation to apply, email Candidate.Accommodations@Disney.com with your request. This email address is not for general employment inquiries.
#J-18808-Ljbffr