Analyst - Information Security Risk
Discovery Communications
Silver Spring, MDThis was removed by the employer on 9/19/2017 7:30:00 AM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Search for Analyst - Information Security Risk jobs in Silver Spring-MD
Search all Analyst - Information Security Risk postings
Full Time Job
Our Team
As Discovery Communications’ portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery Communications. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.
Responsibilities:
Our Analyst for Information Security Risk will be responsible for conducting security assessments of information systems as per our methodology. You’ll interpret and apply IT controls in an enterprise environment that identifies, documents and communicates key deficiencies to stakeholders and assist them with recommendations to address and solve. This analyst role will maintain familiarity with industry trends and security best practices, as well as contribute to the team’s continuous improvement efforts. Key responsibilities include evaluating management responses to ensure remediation tasks adequately address identified gaps, and validating evidence before identified risks are closed.
Requirements:
* Bachelor's degree in Computer Science, Technology, or Related Fields.
* Desired Certifications: CISSP, CISA, CISM
* At least 2 to 5 years’ experience in performing information security risk assessments
* Critical thinking, analytical, and project management skills
* Ability to interact and communicate effectively with leadership and staff across both business and technology functions
* Strong oral and written communication, including the ability to write clear, concise, non-technical and persuasive risk evaluation reports
* Understanding of the compliance requirement framework such as SOX, PCI
* Background engaging with both internal and external audit functions
* Ability to identify, interpret and apply IT security controls in changing environments
* Must have the legal right to work in the US
Familiarity with one or more of the following areas is highly desirable:
* IP networks infrastructure (network topology, switches, routers, firewalls, intrusion detection / prevention)
* Windows Active Directory (policies, structure, elements)
* Databases (SQL, Oracle, DB2, monitoring tools)
* Standards / Frameworks (CoBIT 5, ITIL, ISO 15504, ISO 20000, ISO 27000, ISO 31000, ISO 38500, NIST series 800 guidance)
* Access control (Identity Access Management user access provisioning and recertification.
* Logging (System Event / Audit log collection)
* Data Encryption / Masking techniques (At-rest, in-transit, in-motion)
* Physical security principles