Jobs at Redbud Cyber Security Recruiting

View all jobs

Manager, Technology Compliance Readiness

Burbank, CA
Job Description
Are you excited to be part of an energetic group of technologists helping to shape the future of entertainment through technology? Do you want to join a team that designs and implements cutting edge solutions to improve the effectiveness and efficiency of our technology processes? Do you enjoy helping disperse technology teams understand requirement and identify solutions to comply with policies and standards in a rapidly changing industry and evolving information management and data protection landscape? If so, this is the right opportunity for you! 
 
We are seeking a Technology Compliance Readiness Manager. This position will manage the design, implementation and interpretation of continuous compliance monitoring output across the studio, Information Technology, Information Security, and Privacy domains. This includes developing efficient and effective processes for evaluating compliance with our policies, standards and baselines, considering regulatory requirements such as PCI, GPDR and CCPA.
 
Your core priorities will be to:  
  • You will manage a new technology-focused continuous compliance-monitoring program.
  • You will develop processes for evaluating compliance with internal policies, standards and baselines, industry standards (e.g., ISO27001, NIST), and regulatory requirements such as PCI, GDPR and CCPA.
  • You will be the resident expert for compliance monitoring over all of Technology, identifying gaps in the design or operating effectiveness of control points.
  • You will be a trusted partner within the Technology Organization, building and maintaining internal relationships to ensure alignment and partnership with key stakeholders across the studio.
  • You will advise the Technology Operations teams on compliance adherence and development of solutions to address the associated risks.
  • You will regularly communicate compliance matters to senior leadership.
  • You and your team will assess and propose alternative solutions for potential non-compliance, identifying the strengths and weaknesses of each.
  • You will prepare compliance benchmarking and reporting to senior leadership, corporate attorneys, business unit leadership and external stakeholders.
 
Knowledge, Skills & Abilities Required 
  • Bachelor’s degree in Management Information Systems or related discipline preferred.
  • GRCP, ITIL, or CISA certification required.
  • ITIL V3 Service Lifecycle experience required.
  • At least one security certification is preferred (CISSP, CISM, CISA, etc.).
  • Minimum 4 years technology and privacy compliance experience (including interpreting policies, standards and baselines and validating systems for compliance).
  • Minimum 3 years in audit/internal audit or compliance experience.
  • Minimum 1 years of experience in Information Security.
  • You should have a passion for quality and own the solution, whether it fails or flies.
  • You must have strength of character to believe in and advocate your projects.
  • You must be a problem solver and hold strong and practical techniques to move beyond an impasse.
  • You must be able to educate people regarding complex policy requirements.
  • You should have:
    • Expertise assessing and evaluating compliance with policies, standards and baselines.
    • Experience testing and validating security controls with various assessment techniques.
    • Experience with developing and managing controls frameworks.
    • Experience in risk management (for technical and data privacy domains).
    • Experience communicating to responsible stakeholders and executives.
    • Understanding of industry standards such as ISO 27001/2, NIST 800-53, NIST Cybersecurity Framework, and ICS.
    • Experience with ISO27001/2.
    • Experience with GDPR.
    • Experience with common SDLC processes.
    • Ability to integrate experience and deep technical/professional knowledge to address complex issues and provide operational guidance.
  • Technically, you must have an understanding of:
    • Controlling cloud-based solutions is required (e.g. AWS, MS Azure, Level 3, Akamai).
    • Controlling networking hardware: firewalls, routers, switches, and load-balancers (Palo Alto, Cisco and F5 preferred).
    • Commonly used protocols and services (e.g. SSL, TCP/UDP, WWW, FTP/SFTP, NTP, Telnet, NFS, SSH, LDAP).
    • Virtual networking hardware (e.g., VMware vSphere, Six 4.x).
    • Administering Linux and Windows systems.
    • Securing remote operating systems and applications.
  • You should be completely reliable; someone the team can count on.
  • Strong project management skills; including project planning, project design, resource allocation, utilization analysis, etc.
  • Outstanding communication (verbal and written) and interpersonal skills with ability to articulate complex requirements concisely and accurately.
  • Must possess the ability to meet deadlines.
  • Must manage personnel in an efficient and effective manner.
  • Must be able to effectively manage a number of projects and priorities in parallel
  • Breaks down barriers and work collaboratively with colleagues in other departments.
  • Capable of understanding the details while also having the ability to efficiently and effectively identify the most important themes and clearly conveying them to the right audience.
  • Ability to thrive in a fast-paced and high-pressure environment.
  • Openly shares knowledge and learning with others to benefit the entire team and company.
  • Ability to travel (approximately 5%, annually).
Share This Job
Powered by