Senior Director, Global News and Journalism Business Information Security Office

Job Description

Your New Role...

The Senior Director Global News and Journalism, Business Information Security Office is a key leader within the Global Information and Content Security (GICS) team, implementing WBD's security strategy, policies, and standards across global news and journalism operations. This critical role helps ensure timely, trustworthy, and fair-minded news to audiences everywhere by driving the security of technical and digital operations, combating disinformation, and defending journalists from targeted cyber-attacks. This Senior Director role is responsible for maintaining a strategic relationship with WBD's global news leadership, closely aligning WBD's cybersecurity strategy with our evolving multimedia and digital news strategy.

Your Role Accountabilities...

Strategic Business Partnership (50%)
• Act as a link between news activities, journalists and our centralized cybersecurity functions, ensuring that security initiatives are aligned with business goals and priorities.
• Promoting a culture of security awareness and accountability.
• Lead the adoption and enforcement of Global Information and Content Security policies and standards across the business lines.
• Foster a strong security culture and technical security measures within WBD's global news activities and journalistic functions.

Technical Security Delivery (30%)
• Provide direction and supervision on security-related projects and initiatives, ensuring compliance with global security standards and best practices.
• Evaluate and recommend security solutions and tools that enhance the security posture and capabilities of news operations.
• Handle security exceptions for Global news operations, ensuring proper documentation, approval, and review processes are followed.
• Support security operations and other teams in the identification, investigation, and mitigation of cyber security incidents.
• Partner with other GICS leadership to drive the adoption of core security services (Identity and Access Management, Logging and Monitoring, Detection and Response, Vulnerability Management, Product Security, Cloud Security, and Content Security) throughout global news operations.

Compliance and Reporting (20%)
• Lead the identification of key risk indictors (KRI's) for news operations and journalists; driving the analytics, metrics gathering and reporting of KRI's to WBD leadership.
• Support enterprise and business lines regulatory and compliance requirements and develop implementation strategies that minimize operational impact and disruption.

Qualifications & Experience...
• Ability to work a hybrid model (3 days onsite) out of downtown DC office.
• Executive presence, technical security expertise, business acumen, communication skills and alignment focus.
• Being accountable, project driven, results oriented, willingness to be constantly learning new things, open minded, ability to articulate sometimes complex technical security topics and articulate risks in a language that the business finds meaningful and use that information to make more informed decisions.
• 10+ years of supervisory or management experience in a technical security environment.
• Solid knowledge of various regulatory requirements and information security control frameworks (ISO, NIST, PCI, GDPR, CCPA, SOX).
• Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
• Hands-on experience with security practices such as security incident response and risk management.
• Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
• Good understanding of Industry trends and emerging threats.
• Experience in leading projects leveraging global teams with matrix resources.
• Extensive experience in the information security field designing and implementing enterprise security solutions in a global context.
• Should possess proficiency in the technical aspects of cyber security, such as:
o Cloud infrastructure and concepts, specifically the security aspects thereof
o Application security topics such as the OWASP top 10.
o SIEM & logging tools
o Vulnerability Management and EDR/XDR toolsets.
o Network and Compute architectures
o Identity & Access Management and Privileged Access Management

The Nice to Haves:
• Bachelor's degree in computer science, Engineering, or other related discipline preferred or 10+ years of previous technical security experience, e.g., architecture, engineering, or InfoSec Director level.
• Experience in providing Cybersecurity services and modeling for Media, Broadcast & Entertainment companies.
• Security certifications are a plus (CISSP, CISM, CISA, SANS, etc.)

If you're a qualified candidate and you require adjustments or accommodations to search for a job opening or apply for a position, please contact us at recruitadmin@wbd.com.

Jobcode: Reference SBJ-r0x3jj-3-145-44-174-42 in your application.