Chief Information Security Officer

Job Description

As the CISO, you will report to the CIO and directly lead program execution. The CISO position requires a high energy, visionary people leader who can shape the direction of the cyber program. The ideal candidate is a people and thought leader, having significant operational and technology risk management experience in the entertainment and media industry. Multi-cloud tenancy experience, deep knowledge of media technologies and experience in the broadcast engineering/technology space is preferred. The CISO serves as the process owner of all assurance activities related to the confidentiality, integrity, and availability of customers, third-party vendors, employee, and business information in compliance with the organization's information security policies. The CISO is responsible for establishing and maintaining Sinclair's security program to ensure that information assets and associated technology, applications, systems, infrastructure and processes are adequately protected in this rapidly growing and evolving, industry-leading ecosystem. The CISO will proactively work across Sinclair's portfolio and partners to implement practices that meet agreed-upon policies and standards for information security. The CISO should also understand IT and must oversee a variety of cybersecurity and risk management activities related to IT to ensure the achievement of organization outcomes where the process is dependent on technology.

In addition to traditional cybersecurity considerations, the CISO will also be responsible for implementing and running the program to support content security measures as well as other infrastructure security for Sinclair. The CISO is responsible for identifying, evaluating and reporting on legal and regulatory, IT, and cybersecurity risk to information assets, while driving and enabling the bleeding edge media creation and content distribution and business objectives. For example, as Sinclair focuses directly on engaging with its end consumers, the CISO will need to incorporate consumer privacy regulations into Sinclair's operational capabilities. The CISO should have strong executive presence, in order to effectively articulate the impact of security considerations to other senior Sinclair stakeholders. The CISO must also be able to coordinate demands of the organization, constraints and personalities, while maintaining objectivity and a strong understanding that security is foundational for Sinclair to deliver on its vision, goals and mission.

Responsibilities:
• Define Sinclair's security vision, strategy, and operating model across its entire portfolio
• Operationalize Sinclair's security strategy; identifying, tracking, and mitigating security risks encountered across the organization and third parties
• Own and be accountable for the resolution of security issues and threats as they arise
• Collaborate and communicate effectively among Sinclair executives
• Identify new security technologies to help Sinclair identify, manage, and resolve security threats
• Oversee all security components (hardware, software, network, cloud, and facilities) of the Enterprise including broadcast, news, sports, gaming and digital operations.
• Provide strategic vision for how security will be seamlessly integrated into components of media production, management, and distribution across linear, digital, and cloud platforms
• Work with Sinclair's managed security services provider to meet agreed-upon SLA's in addressing security risks
• Lead the overall security program, including schedule, budget, technical design, risk management, and existing operations
• Define and implement a zero-trust policy for Sinclair
• Establish and scale Identity Access Management (IAM) capabilities focused both within the organization and with its external customers
• Institute security training and build awareness across the enterprise

Qualifications:
• Bachelor's degree / Master's preferred
• 10+ years working in large-scale security team, preferably in a media/broadcast environment
• 10+ years of managing enterprise security risk
• 3+ years of experience in cloud-based security policies
• Excellent communication, organization, interpersonal and writing skills
• High level of knowledge associated with incident response activities in a distributed environment
• Strong understanding of data analysis, computer applications, IS security standards, and network architecture
• CISSP, CISM, or CISA certification preferred
• Familiarity with security and media industry standards (ISO 17799, NIST 800 series, TPN, MPAA, etc.) and best practices
• Knowledge of security auditing procedures
• Foundational knowledge of ATSC 3.0 standards

Sinclair Broadcast Group, Inc. is proud to be an Equal Opportunity Employer and Drug Free Workplace!