Staff Information Security Compliance

Job Description

Staff (Lead) Information Security Compliance

Your New Role...
Warner Bros. is hiring a talented Lead of Information Security Compliance who will be a part of the Global Information and Content Security team supporting the organization globally all domestic and international brands and divisions. As a member of the GICS team, you will be assigned to the Security Compliance team and will work in partnership with key partners and stakeholders such as Technology, HR, Internal Audit, External Audit, Security Engineering, Legal, IDAM, etc. to ensure security and compliance with various regulatory and policy requirements. The successful candidate will have experience across multiple compliance domains with experience in audit process/procedure, risk analysis and mitigation, control testing, and continuous improvement initiatives.

This team focuses on validating that critical processes and controls are working end-to-end, identifying risk areas and risk treatment and control mitigation, as well as participating in projects to understand and determine potential impact to regulatory compliance components. You will identify areas of improvement and non-compliance which may result in process changes and/or new controls. The Information Security Compliance Lead will drive various initiatives to completion and assist in managing and growing an effective Compliance Program. You will be responsible for a variety of functions centered on effective implementation of all of the elements of a compliance program (project): compliance with applicable laws, rules, and regulations, internal policies and procedures; accepted business practices, ethical standards, and contractual security obligations.

Your Role Accountabilities...
OPERATIONS/PROJECT MANAGEMENT
• Assist project team, key stakeholders, and management to prioritize security and compliance requirements and develop and maintain detailed project plans using standard tools.
• Execute on Security & Compliance programs owned by our organization including but not limited to Audit Management & Issue Remediation, PCI, Privacy Data Security, Swift, SOX, NIST CSF, ISO 27002, MPA, SEC cyber-regulations, etc.
• Assist in information security assessment/analysis, mitigation, and remediation. Advise in implementing solutions and mitigation plans for control deficiencies; regulatory and compliance gaps and make recommendations for process efficiencies.
• Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives.
• Effectively assist in leading by influence and work in a matrix/cross functional (BU Champions).
• Lead targeted compliance assessments, audits, and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively.
• Investigate compliance issues and assist with investigation reports.
• Validate system requirements, flows, and written procedures through testing and observations, and to ensure regulatory compliance operating procedures and controls are working as intended.
• Help provide training and training materials for new processes.
• Assist with developing and defining new and improved workflow and initiatives .
• Participate in cross-functional teams to support various regulatory compliance subject matters ensuring that user activities continue to support systematic processes in place and drive positive compliant behaviors or that proposed new system changes fully meet Regulatory, Security and Legal requirements.
• Perform analysis based on the testing results through observations and reports to identify system and process gaps reducing risk for WBD.
• Document all work, and findings resulting from testing and communicate to relevant stakeholders within defined standard processes.
• Conduct related ongoing security compliance monitoring activities in coordination with the organization's other compliance and operational assessment functions.

STRATEGY
• Stay abreast of existing and upcoming regulatory legislation in order to assess potential impact on the WBD compliance programs.
• Make updates to the Unified Controls Framework (UCF) as agreed with other team members and relevant governance bodies.
• Assist in the implementation of the Company GRC system, policies, standards, and processes.
• Participate in cross-functional teams to provide various security compliance and regulatory compliance subject matter expertise ensuring that activities continue to support systematic processes in place and drive positive compliant behaviors or that proposed new system changes fully meet Regulatory, Security and Legal requirements.
• Assist in creation of comprehensive and meaningful strategy presentations for senior executives.
• Document roadmaps for key initiatives and programs.
• Ability to contribute to building a framework and drive development through dynamic business intelligence tools and dashboards for use in ongoing business planning and goal measurement through KPIs.

ANALYTICS
• Monitor the effectiveness of the compliance assessment process in accordance with agreed metrics and performance measures to drive continuous improvements.
• Develop comprehensive performance analysis of business processes and review ways of improvement.
• Develop and report upon agreed Key Performance Indicator metrics.
• Develop comprehensive performance analysis of business processes and review ways of improvement.
• Actively participate in stakeholder meetings with the goal of understanding all major projects and initiatives planned.

Qualifications & Experience...
• BS/BA degree required.
• 6+ years working in audit or compliance environments in a corporate or consulting capacity, with experience in a highly technical setting.
• 3+ years working in Privacy Data Security, Audit or PCI regulatory assessments / requirements.
• Experience defining certification/action plan roadmaps balancing compliance deliverables, business requirements, and resource allocation.
• Relevant certification (CISA, CISM, CISSP, etc.).
• Experience with cross-functional risk, compliance and/or information security disciplines.
• Subject matter expertise in the areas of Data Privacy, NIST CSF, MPA, SSAE 18, Swift, SOX, etc.
• Experience in project management, along with organizational and planning skills.
• Superior analytical and problem-solving skills.
• Expert user of Microsoft Office (Excel, PowerPoint, Word) to prepare all documents, presentations, graphs, briefings, and worksheets.
• Experience with Cloud Platforms including AWS and GCP.
• Experience with vulnerability management, reporting and vulnerability best practices.
• Excellent written and verbal communication.
• Superb relationship building skills.
• Work collaboratively w/small and large teams.
• Ability to handle multiple assignments concurrently and reprioritize as needed.
• You possess the highest integrity commensurate with a compliance & ethics position.
• You have excellent communication and project management skills.
• You produce clear & polished work product, in narrative and visual form.
• You have strong quantitative and qualitative analysis skills.
• You have driven change to completion across functions in an IT or comparable technical environment.
• You are able to work independently, are flexible and adaptive and demon

[more...]

Jobcode: Reference SBJ-gp7o8x-18-191-132-143-42 in your application.