The Senior Business Information Security Officer, reporting to a Director, Business Information Security Officer, will help support discreet businesses and technology organizations in North America and across the EMEA and APAC regions to improve their information security posture. The role must also act as an evangelist of the company's information security policies, best practices and compliance obligations and will assist with performing risk and compliance assessments and serving as a liaison between the business and WarnerMedia's information security teams.
They will also coordinate general risk/gap assessments and policy exceptions with the Security Policy and Compliance team and major roadmap activities with the Security Program Management team.
• Proactively identify information security risks and opportunities, and recommend pragmatic security solutions
• Partner with the WarnerMedia information security teams (security architecture, security monitoring, vulnerability management, etc.) and the program management office to facilitate security operations
• Serve as an escalation path for information security incidents, issues and inquiries
• Advise on security design and tool implementation for new and existing technology solutions
• Advise on data privacy requirements for new technology implementations and third party enagements
• Conduct, support and/or facilitate third party information security and compliance assessments with business & technology owners.
• Participate in tool selection process to deliver technology that aligns with business requirements
• Work with business and technology organizations to remediate open audit internal or external findings
• Evangelize WarnerMedia's information security policies and standards across the domestic business units
• Educate partner groups on process and policy via formal and informal information sharing sessions (ranging from ad hoc meetings to full presentations)
• Coordinate risk management strategies working closely with WarnerMedia's business unit
MINIMUM EXPERIENCE REQUIREMENTS
• 5+ years of expe r ience in comput ing and i n for mat ion s ecur i t y, inc luding exper ience wi th inter net technology and secu r i ty issues - infor mation secur i ty
• Demonstrated experience in at least 2 of the following information security domains:
Security Architecture and Engineering
Network and Infrastructure Security
Identity and Access Management
Security and Risk Management
Software Development Security
• Must be a supe rb r e lat ion s h ip bu il der w ith the abi l i ty to work with both technical and non-technical audiences across a g lobal or gani za tion.
• Excel lent w r i t ten and verbal com municat ion sk il ls; i n t e rpersonal co l labo rat i ve sk i lls; and t he ab i l ity to com municate secu r i ty and r isk - rel a ted concepts to technical and non- techn ical aud iences.
• A successful reco rd of acco mplishment in a si m il a rly structured o r gani zat ion is st rong ly pref e r red
• E xper ience as an accompli shed t hought leader wi thout li ne r e spon si b i l ity would de monstrate ab i l ity to be success ful in a local ly em powered env ironment
• Experience supporting and presenting to the senior executive team
• Proactive and responsive
• Critical thinking skills with an inquisitive and questioning nature
• Ability to think big picture; a ''systems thinker.''
• Must be able to operate at the detail level as well as able to operate effectively with senior leaders
• Solid comprehension of security best practices and compliance frameworks and regulations (e.g. ISO27001, ISO27002, Privacy Shield, SOX, GDPR, PCI DSS, NIST)
• Self-motivated, with experience operating with remote, global teams
• Strong interpersonal and influencing skills of people at different levels and with different backgrounds and experiences
• Bachelor's Degree or equivalent experience
• Information (Cyber) security Industry recognized certifications/experience
Jobcode: Reference SBJ-d589w3-54-80-249-22-42 in your application.