Be an early applicantLess than 25 applicants

Company

Original Job Post

myGwork - LGBTQ+ Business Community · 3 days ago

Senior Information Security Risk Analyst

Atlanta, GA

Full-time

Onsite

Senior Level

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Internet

Insider Connection @myGwork - LGBTQ+ Business Community

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Ingest, triage and evaluate information security policy exception requests submitted globally across Warner Bros Discovery

Assign information security policy exception requests for technical analysis and leadership approval

Gather supporting information to facilitate review of exception requests

Track remediation and closure of approved information security exception requests

Provide dedicated support to teams on submission, approval and remediation of information security exception requests

Collaborate with business and technical representatives to identify and evaluate mitigating factors and remediation plans for addressing security risks to Warner Bros Discovery

Build and maintain internal relationships to ensure alignment and partnership with key stakeholders globally across Warner Bros Discovery

Act as a point of contact for information security risk and compliance inquiries

Support development and maintenance of the company-wide information security risk register

Provide input to periodic information security policy and metric updates

Lead scheduled and ad-hoc information security risk assessments of company initiatives, products and departments against corporate policies and security best practices

Provide subject matter expertise on the design and implementation of technical security controls to address known risks and non-compliances

Design, implement and drive information security risk management processes using company tools and technologies

Collaborate with key stakeholders to understand team needs and dependencies to better align business processes

Prepare reporting on security issues and developing security risks to the organization

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information SecurityCompliance ProgramsStakeholder ManagementTechnical CommunicationRisk AssessmentSecurity Controls DesignInformation Security FrameworksRegulatory StandardsSecure Development PrinciplesMicrosoft OfficeProject ManagementEnglish Language ProficiencyProblem-SolvingCommunicationRelationship BuildingAdaptabilityTime ManagementVendor Security AssessmentVulnerability ManagementSecure Cloud ConfigurationPrivacy RegulationsGRC ToolsSecure Application DevelopmentEncryption TechnologiesFirewall TechnologiesProduction EnvironmentsBroadcast EnvironmentsSecurity CertificationsMedia Industry KnowledgeEntertainment Industry Knowledge

Required

BS degree or above required, ideally in Information Systems, Cyber Security or a related discipline

5+ years of prior experience in designing, implementing and assessing information security and compliance programs

Ability to build and maintain relationships with a diverse range of stakeholders globally

Ability to communicate technical security topics clearly and concisely to non-technical audiences and senior executives

Ability to associate technical security issues to business objectives and operational impacts

Ability to evaluate design effectiveness of technical security controls

Familiarity with common Information Security frameworks and Regulatory standards such as NIST, ISO27001, SOX, SOC 2 reporting, PCI, HIPAA or FAIR

Familiarity with secure development principles for operating systems, databases, applications and network infrastructure

Expert user of Microsoft Office (Excel, PowerPoint, Word) to prepare all documents, presentations, graphs, briefings, and worksheets

Ability to handle multiple assignments concurrently

Fluent English language and writing skills

Preferred

Familiarity with vendor security assessment techniques

Familiarity with vulnerability management techniques

Familiarity with secure cloud configuration principles for AWS, Azure or Google Cloud

Familiarity with common Privacy regulations such as GDPR and CCPA

Familiarity with implementing and utilizing GRC tools such as ServiceNow, OnSpring

Familiarity with secure application development practices

Familiarity with common encryption technologies

Familiarity with firewall technologies such as Palo Alto

Familiarity with production and broadcast environments

Achievement of one or more security certifications such as CISSP, CISM or CRISC

Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.)

Familiarity with streaming and similar products/services

Experience working in a national or global company

Some visualization tool knowledge would be helpful (i.e. Tableau, Power BI)

Comfortable in working in highly iterative and somewhat unstructured environment