Manager, Incident Response and Compliance
Deluxe Entertainment
Burbank, CAThis was removed by the employer on 7/2/2015 10:35:00 AM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Search for Manager, Incident Response and Compliance jobs in Burbank-CA
Search all Manager, Incident Response and Compliance postings
Full Time Job
We currently have an opening for a Manager, Global Incident Response and Compliance. This position will be located in Burbank, CA.
SUMMARY:
Working under the direction of the Director of Global Security, the Manager, Global Incident Response and Compliance, will develop a strategy and execution roadmap to ensure a secure global environment for Deluxe, protecting the Company's physical and information technology assets. The Manager is responsible for establishing and maintaining a corporate wide information security management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The position requires a leader with sound knowledge of business management and facilities and a working knowledge of information security technologies. The Manager will proactively work with business units and shared services organizations to implement practices that meet defined policies and standards for information and physical security. The Manager serves as the process owner of all IT assurance activities related to the availability, integrity and confidentiality of the organization's information systems. The ideal candidate is a thought leader, a consensus builder, influencer and an integrator of people and processes who can communicate at all levels of the organization.
RESPONSIBILITIES:
• Define the global strategy and execution plan to implement IT and physical environments that are secure and protect against external and internal threats and vulnerabilities.
• Develop and enhance an information technology and physical security management framework based on the following standards where applicable: (ISO) 2700X, National Institute of Standards and Technology (NIST), MPAA, CDSA and vendor specific standards in the entertainment industry.
• Provide risk guidance for IT projects, including the evaluation and recommendation of technical controls.
• Liaise with the enterprise architecture team to ensure alignment between the security best practices.
• Develop a technology risk management process for safety and integrity of IT and physical assets.
• Work directly with the business units to facilitate IT and physical risk management processes and work with stakeholders throughout the enterprise on identifying acceptable levels of risk.
• Regulate compliance with the organization's security policies and procedures among employees, contractors, and other third parties and implement corrective action plans.
• Initiate, facilitate and promote a comprehensive training program to increase security awareness.
• Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
• Develop and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals.
• Coordinate the development of implementation plans and procedures to ensure business-critical services are recovered in the event of a security event.
• Partner with the Business Unit IT Directors and global IT teams to provide security and compliance consulting.
• Collaborate among the information Security, Internal Audit, Legal and HR management teams as required.
• Research emerging best practices and methods in the industry appropriate to IT and physical security and make recommendations to improve infrastructure, applications, and architecture and information security.
• Deliver IT Security and Compliance services per established service level agreements.
• Provide client information on change implementations and current state.
• Manage the enterprise's security organization, consisting of two direct reports. This includes hiring, training, staff development, performance management and annual performance reviews.
• International and domestic travel to effectively carry out the security and compliance duties, up to 20 percent.
REQUIREMENTS / EDUCATION:
• 7 to 10 years' experience in information technology, with 5-7 years of either technical services, application roles or security and compliance roles; 5-7 years of experience in reviewing, auditing, operating and understanding a complex IT technical environment.
• Program/project management experience.
• Global Security management experience.
• Prior experience with process improvement and lean initiatives.
• Familiarity with Infrastructure and Operations as well as Application technologies and design.
• Previous experience with ISO methodologies and frameworks preferred.
• BS/BA degree required with emphasis in information technology or engineering, business or related fields.
• CISSP certification is preferred.
• Graduate degree a plus; other independent study or certifications (CISA) in related areas also a plus.
We offer competitive pay and benefits program, including: medical, dental & vision coverage, vacation & sick leave, 401(k), and more.
Deluxe Entertainment Services Group Inc. is an Equal Opportunity Employer.