Director, Information Security Risk MGMT
Discovery CommunicationsSterling, VA
Full Time Job
The Director, Information Security Risk Management will be responsible for developing and managing the information security risk program, including implementing and maintaining an information security risk management strategy that informs and facilitates risk-based decisions, while also supporting and participating in broader information security governance activities. Responsibilities will include consultation, business-as-usual delivery on risk assessments, process improvement and driving transformational activities underway.
1. Serve as the primary point of contact for information security risk, consulting as needed with internal customers
2. Integrate information security risk management into Discovery’s direct-to-consumer business
3. Collaborate with various operational and business teams to drive a cohesive view of information security risk throughout Discovery
4. Develop formal processes and procedures to support Discovery’s risk management strategy
5. Develop and perform risk identification and assessment activities that address information security threats
6. Manage the risk assessment process to facilitate implementing appropriate courses of actions to respond to risks
7. Develop, implement, and maintain accurate documentation and reporting of information security risk, and risk remediation activities
8. Keep aware of local, national and international trends and developments in information security, relate them to the needs of Discovery, and proactively communicate at the appropriate level
* Bachelor’s or Master’s degree in related field, such as Business, IT, Computer Science, or equivalent work experience
* 8 years of work experience in Information Security, Risk & Compliance, or Information Technology
* 2 years leadership experience
* CISSP, CISM, CRISC or similar industry-relevant certification
* Functional knowledge of CISSP security domains and information security industry standard and best practices
* Functional knowledge of and experience applying governance frameworks such as ISO 27001, NIST, PCI, Sarbanes Oxley, COBIT, etc
* Experience managing complex initiatives in a dynamic, fast-paced environment
* Ability to professionally interface and communicate with all levels of management and staff regarding Information Security services
* Experience working with commercial GRC solutions a plus
* Strong verbal and written communication skills
* Strong interpersonal skills
* Must have the legal right to work in the United States
Sterling, Virginia, VA
As Discovery’s portfolio continues to grow – around the world and across platforms – the Global Technology & Operations team is building media technology and IT systems that meet the world class standard for which Discovery is known. GT&O builds, implements and maintains the business systems and technology that are critical for delivering Discovery’s products, while articulating the long-term technology strategy that will enable Discovery’s growing pay-TV, digital terrestrial, free-to-air and online services to reach more audiences on more platforms.
From Amsterdam to Singapore and from satellite and broadcast operations to SAP, we are driving Discovery forward on the leading edge of technology.
Within our Information Security team, there has never been a busier or more urgent time to obtain the best talent we can for a function so critical to Discovery Communications. In light of the constant threats and attacks occurring in companies across the globe, and across all industries, the Information Security Team at Discovery is a growing group of cyber security professionals, that are using the latest tools and resources to protect the assets from our internal infrastructure to the shows we broadcast across the globe on Discovery Channel, Animal Planet, Discovery ID, TLC, EuroSport and more. From the US to Singapore, India to LA, we are tasked with protecting, training, and implementing the best of the best in tools, resources, monitoring, threat detection, and more.