company_logo

Full Time Job

Information Security Engineer

Sinclair Broadcast Group

Hunt Valley, MD 08-06-2024
 
  • Paid
  • Full Time
  • Mid (2-5 years) Experience
Job Description
The Information Security Engineer will be a part of the enterprise Identity, Risk, and Data Governance group with a focus on supporting the Third-Party Risk Management (TPRM) program. The candidate will also be responsible for delivering security awareness training and phishing campaigns to the organization, developing security policies and standards, partnering with the Sinclair Legal Team to perform litigation support, and provide proactive response to data loss prevention (DLP) alerts.

The applicant will have prior experience with supply chain and vendor risk management in a corporate environment. Additional required skills include hands-on experience with managing security awareness training platforms, ability to develop and improve security policies and standards, and knowledge of data classification and protection best practices.

The candidate must be a self-starter with the motivation to learn and contribute to new technologies and processes, possess the ability to verbally present ideas clearly and thoughtfully to large audiences at different levels of the organization, and thrive in a highly visible and fast-paced role.

This is a hybrid position which will require the candidate to work on-site in Hunt Valley Maryland several times per week.

Responsibilities:

Process & Execution
• Develop and create information security policies, standards, and processes to enforce Sinclair compliance requirements.
• Research and risk assess Artificial Intelligence (AI) applications as needed to support business productivity.
• Perform 3rd party risk assessments in alignment with team SLAs, that identifies vendor and supply chain inherent risks to Sinclair.
• Deliver current and relevant content to personnel to provide continued education of cyber threats.
• Provide quality and timely updates to internal customers to ensure clear expectations are met for their requests.
• Update security tools with 3rd party risk results, develop remediation plans that are communicated to stakeholders, and continuously report on the status of risk to Sinclair leadership.
• Collaborate with peers to create and enhance weekly metrics to measure the effectiveness of the security program.
• Ability to multitask, prioritize work, and efficiently deliver on assignments while remaining flexible and resilient to a changing environment.
• Maintain ownership of assignments initiatives while maintaining a high level of personal accountability.
• Respond to Data Loss Prevention (DLP) alerts while proactively providing education on data security principles to Sinclair's end-user base.
• Perform eDiscovery and litigation hold (Purview) activities to complete Sinclair Legal requests.

Collaboration & Partnerships
• Apply excellent communication skills to efficiently collaborate with company stakeholders and business partners.
• Evaluate and recommend new products, maintain knowledge of emerging technologies, and maximize value from existing tool sets to ensure return on investment.
• Identify, communicate, and develop mitigation plans for security risks in on-premises or hybrid/multi-cloud deployments.
• Demonstrate strong problem-solving skills by identifying gaps or issues and formulating solutions.
• Ensure compliance with Sinclair policies and standards.
• Promptly respond to information security tickets and other requests.
• Operate with a strong sense of teamwork and personal accountability.

Performance Improvement
• Thrive within an environment where priorities are frequently adjusted, where being a self-starter comes as second nature.
• Maintain a high-level of work quality while operating comfortably in a culture that champions the importance of effective communication.
• Design, document, and implement procedures and techniques for analyzing and evaluating risk.
• Proactively and effectively look for ways to improve and optimize processes.
• Research emerging technologies and provide feedback and options to leadership to effectively solve problems.
• Drive collaboration amongst teams, deliver quality execution on assignments, and take personal accountability for deliverables.

Qualifications:
• Bachelor's degree in IT discipline and 4 years of work Information Security experience within an enterprise environment.
• Exceptional verbal and written communication skills with an ability to present complex information to audiences of varying subject knowledge.
• Minimum of two years conducting third-party and vendor risk assessments.
• Knowledge of Artificial Intelligence tools (AI) including assessing the risks to data privacy or exposure.
• Experience deploying and configuring enterprise security tools focused on data security.
• Prior experience classifying data and understanding the fundamentals of data protection
• Hands-on experience in Microsoft Purview including conducting eDiscovery and performing litigation holds.
• Knowledge of multi-cloud environments.
• Must be a self-starter with the ability to successfully operate in a fast-paced work environment with shifting priorities.
• Industry certification required in one of the following areas: (e.g., CISSP, CISM, CRISC, Security+, CISA, or equivalent).
• Familiarity with security assessments and compliance requirements frameworks (SOC-2, NIST ''800 series'', CSF, SOX, etc.).
• Prior experience in the broadcast/media entertainment industries preferred.

Sinclair Broadcast Group, Inc. is proud to be an Equal Opportunity Employer and Drug Free Workplace!

About Sinclair

Sinclair, Inc. (Nasdaq: SBGI) is a diversified media company and a leading provider of local news and sports. The Company owns, operates and/or provides services to 185 television stations in 86 markets affiliated with all the major broadcast networks; and owns Tennis Channel and multicast networks Comet, CHARGE!, TBD., and The Nest. Sinclair's content is delivered via multiple platforms, including over-the-air, multi-channel video program distributors, and the nation's largest streaming aggregator of local news content, NewsON. The Company regularly uses its website as a key source of Company information which can be accessed at www.sbgi.net.

Jobcode: Reference SBJ-r1629y-98-82-140-17-42 in your application.