Sr. Information Security Risk Analyst
GA Atlanta 1050 Techwood Drive NW
Warner Bros. Discovery
Warner Bros. Discovery offers exciting and rewarding career opportunities across a multitude of disciplines. Join us as we step into the next chapter.Welcome to Warner Bros. Discovery… the stuff dreams are made of.
Who We Are…
When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…
From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.
The Job:
The Senior Information Security Risk Analyst will oversee a team responsible for the identification, assessment and remediation of information security risks to the organization. They will assist operation of the company risk management program, evaluate security risks and policy exceptions and provide guidance on managing information security risk to the organization.
RISK EXCEPTION ANALYSIS:
- Ingest, triage and evaluate information security policy exception requests submitted globally across Warner Bros Discovery
- Assign information security policy exception requests for technical analysis and leadership approval
- Gather supporting information to facilitate review of exception requests
- Track remediation and closure of approved information security exception requests
- Provide dedicated support to teams on submission, approval and remediation of information security exception requests
- Collaborate with business and technical representatives to identify and evaluate mitigating factors and remediation plans for addressing security risks to Warner Bros Discovery
- Build and maintain internal relationships to ensure alignment and partnership with key stakeholders globally across Warner Bros Discovery
- Act as a point of contact for information security risk and compliance inquiries
RISK REGISTER AND GOVERNANCE
- Support development and maintenance of the company-wide information security risk register
- Provide input to periodic information security policy and metric updates
- Lead scheduled and ad-hoc information security risk assessments of company initiatives, products and departments against corporate policies and security best practices
- Provide subject matter expertise on the design and implementation of technical security controls to address known risks and non-compliances
PROCESS DESIGN AND STRATEGY
- Design, implement and drive information security risk management processes using company tools and technologies
- Collaborate with key stakeholders to understand team needs and dependencies to better align business processes
- Prepare reporting on security issues and developing security risks to the organization
The Essentials
- BS degree or above required, ideally in Information Systems, Cyber Security or a related discipline
- 5+ years of prior experience in designing, implementing and assessing information security and compliance programs
- Ability to build and maintain relationships with a diverse range of stakeholders globally
- Ability to communicate technical security topics clearly and concisely to non-technical audiences and senior executives
- Ability to associate technical security issues to business objectives and operational impacts
- Ability to evaluate design effectiveness of technical security controls
- Familiarity with common Information Security frameworks and Regulatory standards such as NIST, ISO27001, SOX, SOC 2 reporting, PCI, HIPAA or FAIR
- Familiarity with secure development principles for operating systems, databases, applications and network infrastructure
- Expert user of Microsoft Office (Excel, PowerPoint, Word) to prepare all documents, presentations, graphs, briefings, and worksheets
- Ability to handle multiple assignments concurrently
- Fluent English language and writing skills
The Nice to Haves
- Familiarity with vendor security assessment techniques
- Familiarity with vulnerability management techniques
- Familiarity with secure cloud configuration principles for AWS, Azure or Google Cloud
- Familiarity with common Privacy regulations such as GDPR and CCPA
- Familiarity with implementing and utilizing GRC tools such as ServiceNow, OnSpring
- Familiarity with secure application development practices
- Familiarity with common encryption technologies
- Familiarity with firewall technologies such as Palo Alto
- Familiarity with production and broadcast environments
- Achievement of one or more security certifications such as CISSP, CISM or CRISC
- Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.)
- Familiarity with streaming and similar products/services
- Experience working in a national or global company
- Some visualization tool knowledge would be helpful (i.e. Tableau, Power BI)
- Comfortable in working in highly iterative and somewhat unstructured environment
How We Get Things Done…
This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.
Championing Inclusion at WBD
Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.If you’re a qualified candidate and you require adjustments or accommodations to search for a job opening or apply for a position, please contact us at recruitadmin@wbd.com.* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Azure Business Intelligence CCPA CISM CISSP Cloud Compliance CRISC Encryption Firewalls GCP GDPR Governance HIPAA ISO 27001 NIST Privacy Risk assessment Risk management Security assessment SOC SOC 2 SOX Strategy Vulnerability management
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cloud Security Architect jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Network Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Information System Security Officer jobs
- Open Security Consultant jobs
- Open Information Systems Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Information Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Security Architect jobs
- Open CISA-related jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open GCP-related jobs
- Open ISO 27001-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Security assessment-related jobs
- Open PowerShell-related jobs
- Open SQL-related jobs