Director, Technology Compliance Readiness
Company: Time Warner, Inc.
Posted on: February 11, 2019
What will you do?* You will direct and oversee the development and operations of a new technology-focused Compliance Readiness program. You will build and lead a team (internal and outsourced resources) of Compliance Readiness Managers and Specialists each responsible for monitoring the effectiveness of the Studio's technical processes and controls, initially related to Information Technology and Information Security. * You will develop a strategy and processes for evaluating compliance with internal policies and standards, industry standards (e.g., ISO 27001, NIST), and regulatory requirements such as SOX (technical and privacy aspects only), PCI, GDPR, and CCPA. * You will?serve as the resident expert?for policy and regulation control requirements across the studio's technology organization, helping to ensure controls are implemented effectively. * You will be a trusted partner within the Technology organization, building and maintaining internal relationships to ensure alignment and partnership with key stakeholders across the Studio. * You will assist the WB Technology Operations teams by identifying compliance concerns, assist in the development of solutions to address the associated risks, and communicate ongoing compliance matters to the Technology Executive and Leadership teams. * You and your team will assess and propose alternative solutions for potential non-compliance, identifying the strengths and weaknesses of each. * You will develop compliance benchmarking and reporting to WB executives, corporate attorneys, business unit leadership, and to external stakeholders. * You will assist in supporting all Internal Audit requests from external auditors. What do we need from you?* Bachelor's degree in Management Information Systems or related discipline preferred * GRCP, ITIL or CISA certification required * At least one security certification is strongly preferred (CISSP, CISM, CISA, etc.) * Minimum 8 years technology and privacy compliance experience (including interpreting and evaluating policies and standards) * Minimum 5 years people and project management experience * You should have a passion for quality and own the solution, whether it fails or flies. * You must have strength of character to believe in and advocate your projects. * You must be a problem solver and hold strong and practical techniques to move beyond an impasse. * You must be able to educate people regarding complex control requirements. * You should have: * Expertise assessing and evaluating compliance with policies and standards. * Experience testing and validating security controls with various audit techniques. * Experience with developing and managing controls frameworks. * Expertise in risk management (for technical and data privacy domains). * Experience communicating risks to executives and responsible stakeholders * An understanding of industry standards such as ISO 27001/2, NIST 800-53, and ICS. * Experience implementing policy and developing governance related deployment and communications plans. * Experience with PCI DSS v3.x * Experience with ISO27001/2 * Experience with GDPR * Experience with recommending and implementing policy remediation activities * Technically, you must have an understanding of: * Securing cloud-based solutions is required (e.g. AWS, Azure, etc.) * Networking hardware: routers, switches, and load-balancers, particularly F5 and Cisco products is preferable. * Commonly used protocols and services is preferred (e.g. SSL, TCP/UDP, WWW, FTP, etc.) * Securing Firewalls (Palo Alto and Cisco preferred) * Security Incident Response (preferred) * Linux and Windows system administration (preferred) * You should be completely reliable; someone the team can count on. * Strong project management skills; including project planning, project design, resource allocation, utilization analysis, etc. * Outstanding communication and interpersonal skills (verbal and written). * Must possess the ability to meet deadlines and manage personnel in an efficient manner. * Capable of understanding the details while also having the ability to efficiently and effectively identify the most important themes and clearly conveying them to the right audience. * Ability to thrive in a fast-paced and high-pressure environment. * Ability to travel (approximately 5%, annually).
Keywords: Time Warner, Inc., Burbank , Director, Technology Compliance Readiness, IT / Software / Systems , Burbank, California
Didn't find what you're looking for? Search again!