Manager, Information Security

Job Description

The Job

The Manager, Information Security, reporting to a Business Information Security Officer, will help support discreet businesses and technology organizations to improve their information security posture. The role must also act as an evangelist of the company's information security policies, best practices and compliance obligations and will assist with performing risk and compliance assessments and serving as a liaison between the business and WarnerMedia's information security teams.

They will also coordinate general risk/gap assessments and policy exceptions with the Security Policy and Compliance team and major roadmap activities with the Security Program Management team.

The Daily
• Proactively identify information security risks, opportunities and recommend pragmatic solutions and serve as an escalation path for information security issues, incidents and inquiries implementation within the business units
• Partner with the WarnerMedia information security teams (security architecture, security monitoring, vulnerability management, etc.) and the program management office to facilitate security
• Conduct, support and/or facilitate third party information security and compliance assessments as well as manage a team doing the same.
• Work with business and technology organizations to remediate open audit internal or external findings
• Evangelize WarnerMedia's information security policies and standards across the domestic business units
• Educate partner groups on process and policy via formal and informal information sharing sessions (ranging from ad hoc meetings to full presentations)
• Coordinate risk management strategies working closely with WarnerMedia's business unit

The Essentials
• 2-4+ years of experience in computing and information security, including experience with internet technology and security issues - information security
• Self-motivated, with experience operating with remote, global teams
• Must be a superb relationship builder with the ability to work across groups within a global organization.
• Strong interpersonal and influencing skills of people at different levels and with different backgrounds and experiences
• Excellent written and verbal communication skills; interpersonal collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical audiences.
• Good understanding of secure software development best practices, network and other technical security controls
• A successful record of accomplishment in a similarly structured organization is strongly preferred.
• Experience as an accomplished thought leader without line responsibility would demonstrate ability to be successful in a locally empowered environment.
• Proactive and responsive
• Critical thinking skills with an inquisitive and questioning nature
• Ability to think big picture; a ''systems thinker.''
• Must be able to operate at the detail level as well as able to operate effectively with senior leaders
• Solid comprehension of security best practices and compliance frameworks and regulations (ISO27001, ISO27002, Privacy Shield, SOX, GDPR, PCI DSS)
• Bachelor's Degree or equivalent experience
• Information (Cyber) security Industry recognized certifications/experience preferred but not required

Jobcode: Reference SBJ-r0m9oe-3-141-31-209-42 in your application.