Manager, Governance Risk & Compliance
Virtual
Full Time Mid-level / Intermediate USD 92K - 216K
Comcast
Job Summary
As part of the Governance, Risk and Compliance team within Technology Experience and Services, you will be an integral part of ensuring our technology is built with security in mind and that security controls are consistently maintained. You will be part of the process of expanding our GRC processes to the Comcast Advertising teams. This will require a deep knowledge and understanding of end-to-end business process, security frameworks (e.g. NIST, ISO, HIPAA and HITRUST), regulatory compliance (e.g. PCI, GDPR, SOX, etc.) and technology standards, procedures and guidelines. You should possess detailed knowledge of administrative and technical security control assessments and be able to prepare and communicate compliance issues to leadership through reporting and metrics. In addition, knowledge and experience managing third party risk and security will also be a valuable skill in this role.
Job Description
CORE RESPONSIBILITIES
- Assist in building the organization’s cybersecurity strategy to ensure we’re proactively identifying/addressing relevant security gaps, compliant with internal policies and external regulatory requirements, and improving our overall security posture and program.
- Collaborate with business and technology teams to ensure security strategies and initiatives align with business objectives.
- Direct and coordinate the development and implementation of security awareness programs and education.
- Serve as an internal auditor to ensure that appropriate precautions over information are granted high visibility and are considered in the design of new and existing systems.
- Review and recommend cost-effective controls to eliminate or minimize risk.
- Prepare written plan and annual reports on contingency planning and data security for each critical system.
- Provide day-to-day leadership and guidance in resolving complex technical operational situations.
- Consistent exercise of independent judgment and discretion in matters of significance.
- Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) and overtime as necessary.
- Other duties and responsibilities as assigned.
REQUIREMENTS
- Bachelor’s degree in Computer Science, Accounting/Finance, or related field, or equivalent work experience.
- 7+ years of experience in a governance, risk, and compliance function.
- Experience in security frameworks (such as NIST, ISO; knowledge of HIPAA or HITRUST also a plus) and regulatory compliance reporting (such as PCI and/or SOX).
- Experience in business continuity planning.
- Experience managing a risk and compliance function in a cloud computing environment.
- Expert level experience in controls, assessments, and auditing.
- Strong analytical, organization, time management, facilitation, and process management skills.
- Demonstrated high level of written, verbal, and interpersonal skills to communicate technical and non-technical information, ideas, procedures, and processes.
- CISM, CRISC, or CISA certification preferred.
Employees at all levels are expected to:
- Understand our Operating Principles; make them the guidelines for how you do your job.
- Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.
- Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.
- Win as a team - make big things happen by working together and being open to new ideas.
- Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.
- Drive results and growth.
- Respect and promote inclusion & diversity.
- Do what's right for each other, our customers, investors, and our communities.
Disclaimer:
This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications.
Comcast is an EOE/Veterans/Disabled/LGBT employer.
Compensation
National Pay Range: $92,293.36 USD-$216,312.56 USD
Comcast intends to offer the selected candidate base pay dependent on job-related, non-discriminatory factors such as experience. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.
The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.
Education
Bachelor's Degree
While possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience.
Certifications (if applicable)
Relative Work Experience
5-7 Years
Comcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Comcast will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law, including the Los Angeles Fair Chance Initiative for Hiring Ordinance and the San Francisco Fair Chance Ordinance.