Associate Director-Technology- Security
Overall Purpose:This is a Compliance position reporting into the Chief Security office. This position is supporting BUs for the defined Compliance functions including: Regulatory Compliance, Cloud Compliance, Audit Management, Proactive Compliance, Periodic Assessments & Validation, Issue Trending / Remediation / Tracking & Reporting, and overall Compliance to Policies, Standards, & Baselines (Gap Remediation). Increased responsibilities also include an expanded team requiring management, cross-training, and development. This role will engage broadly across business and information technology functions to ensure effective awareness, planning, and execution on security & compliance-related concepts, projects, initiatives, and requirements. You will be responsible for review and analysis of policy, compliance, and security requirements, work with senior team members to develop integrated plans to protect corporate assets and information technology, and administers security systems to support daily security operations.Qualifications:
Supervises a target size team of 5-10 or more employees (with at least 4 level 2 employees) that are responsible for the development and/or delivery of IT-related work relative to the technical sub-families including Agile, Application Design and Programming, Business Support, Database, Systems Architecture and Engineering, Systems Technical Support, Technical Project Management, and Technology Security. Make suggestions and recommendations as to the hiring, firing, advancement, promotion, and other status changes for employees under their supervision.
Please see complete job description online.
How to Apply:
- Knowledge of / experience within the media industry required.
- Will develop processes for evaluating compliance with internal policies, standards and baselines, industry standards (e.g., ISO27001, NIST), and regulatory requirements such as SOX, PCI, GDPR, and CCPA.
- Will own program management of key initiatives such as SOX / PCI, including planning and scoping, execution of assessments, final reporting, and remediation of non-compliant areas.
- Will be the resident expert for compliance monitoring, identifying gaps in the design or operating effectiveness of control points.
- Stay abreast of existing and upcoming regulatory legislation in order to assess potential impact on the WM compliance programs.
- Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives.
- Assist in the implementation of the Company GRC system, policies, standards, and processes.
- Responsible for end to end programs, such as leading targeted compliance audits and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively.
- Validate system requirements, flows, and written procedures through testing and observations, and to ensure regulatory compliance operating procedures and controls are working as intended.
- Have a diverse technical background, professional security credentials, demonstrated effectiveness in management and leadership, effective business acumen, excellent written and verbal communication skills, and exceptional interpersonal skills.
- Proven experience executing strategies related to compliance
- Expert knowledge in Access Management, Active Directory Consolidations, Compliance Policy Changes & Enhancements, etc.
- Highly effective communicator
- Technical knowledge of applications, network, operating systems, databases, tools, public and private cloud, etc.
- Demonstrated experience in thought leadership and root cause analysis,
- Working knowledge with the Payment Card Industry (PCI) standard
- CISA, CISSP or CISM certification essential
Experience in documenting, designing and testing internal controls
- Ability to work in a fast paced or rapidly growing organizations
- Ability to learn quickly, work independently, and maintain professional skepticism
- Strong project management/organizational and planning skills; ability to manage multiple projects simultaneously and prioritize tasks to meet project deadlines