Manager, IT Security
Deluxe EntertainmentBangalore, KA
Full Time Job
Since 1915, Deluxe has served as the trusted partner to the global entertainment industry: from the major Hollywood studios to new global content platforms, as well as leading local content producers, broadcasters and distributors around the world.
Our comprehensive offering of creative post-production and digital delivery solutions enables our clients to enhance and maximise the value of their content globally. We provide an end-to-end suite of services unrivalled in breadth, scale and global scope: high-end audio and visual post production for television and film; content management; content marketing; content localisation; and IP-based global distribution.
Deluxe is a Los Angeles-based company with operations in over 25 countries around the world. Whilst the International business of Deluxe comprises less than half of the revenue of the business today, we expect this share to increase substantially as we lead the international growth agenda for the business.
Deluxe is a best-in-class employer, with over 7,000 of the most respected technologists and artists in the industry. We foster a culture of ingenuity, passion and collaboration to support our clients and our people, in all their endeavours. Our company values follow.
Be Pioneers: We innovate and push for boundless creativity through curiosity.
Pursue Diversity: Different views and experiences are advantages. Our global presence gives us perspectives that drive better business.
Act with Integrity: We are honest and forthright in our dealings. Building trust builds a better company.
Take Ownership: We are accountable for ourselves, our colleagues, our clients and our company.
Collaborate: Together we are stronger. We deliver more success through shared goals and mutual support.
Exceed Expectations: We understand our colleagues' and clients' needs and always exceed expectations.
The IT Security Manager performs two core functions for the enterprise. The first is overseeing the operations of the enterprise's security solutions through management of the organization's security analysts. The second is establishing an enterprise security stance through policy, architecture and training processes. Secondary tasks will include the selection of appropriate security solutions, and oversight of any vulnerability audits and risk assessments. The IT Security Manager is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
Strategy & Planning
• Create and maintain the enterprise's security architecture design.
• Create and maintain the enterprise's security awareness training program.
• Create, maintain and govern Deluxe's security documents (policies, standards, baselines, guidelines and procedures).
• Create and maintain the enterprise's Business Continuity Plan and Disaster Recovery Plan, where appropriate.
Acquisition & Deployment
• Maintain up-to-date knowledge of the media and entertainment IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise's existing procurement processes.
• Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
• Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
• Ensure the enforcement of enterprise security documents.
• Supervise all investigations into problematic activity and provide on-going communication with senior management.
• Supervise the design and execution of vulnerability assessments, penetration tests and security assessments.
• Advise on and manage to completion industry best practice remediation based on internal and external Security assessments
• Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
• Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
Formal Education & Certification
• College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
• One or more of the following certifications:
• GIAC Security Essentials Certification
• ISACA Certified Information Security Manager
• CompTIA CySA
• (ISC)2 CISSP
• ISACA CISA
Knowledge & Experience
• Extensive experience in enterprise security architecture design.
• Extensive experience in enterprise security document creation.
• Experience in designing and delivering employee security awareness training.
• Experience in managing of staff of 3 to 5 individuals
• Experience in security controls specifically content protect.
• Strong understanding of Media and Entertainment best practices – MPAA
• Strong understanding of IP, TCP/IP, and other network administration protocols.
• Familiarity with Common Weakness Enumeration (CWE), Common Vulnerabilities and Exposures (CVE), Common Platform Enumeration (CPE), and Common Vulnerability Scoring System (CVSS)
• Working technical knowledge of Windows Operating System Internals (Kernel, Registry, File systems (NTFS, FAT), Windows APIs)
• In-depth knowledge of Linux, Unix operating systems. Kali Linux experience a plus.
• In-depth knowledge of networking and communication protocols and devices (routers, switches, firewalls)
• Familiarity with Python, PowerShell, Bash
• Familiarity with Encase Forensic software a plus
• Familiarity with Vulnerability scanning tools, Burp Suite, Nexpose, Nessus
• Familiarity with virtualization technologies, such as VMWare and VirtualBox
• Basic knowledge of the NIST Cyber Security Framework
• Excellent written and verbal communication, organized thought processes, polite and respectful of others, adapts presentations to the audience, aware of confidential nature of information.
• Excellent understanding of enterprise IT systems, software development languages, ITIL, ITSM
• Thoroughly thinks out and evaluates alternatives, innovative problem resolution, pro-active approach, initiative to resolve problems.
• Produce high quality oral and written work product presenting complex technical matters clearly and concisely.
• Excellent problem-solving skills.
• Works with little direction and supervision, timely completion of projects, makes time for unplanned assignments, adapts to changing priorities.
• Perceived fairness; tolerance; honesty; confidentiality; consistent in application of policies and procedures.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioriti