Information Security Specialist
MiramaxLos Angeles, CA
Full Time Job
The Information Security Specialist will be responsible for the Information Security at Miramax. The role would incorporate responsibilities related to Information Security activities aimed to enhance security controls, security assessments, patching, Info. Sec. solution implementation, and other projects as assigned. This role should be able to deliver and manage security awareness programs, perform information risk management, and manage information security incidents for Miramax.
• Responsible for Information Security at Miramax
• Serve as the subject matter expert in the development, implementation, and maintenance of information security program.
• Assess the design and operational effectiveness of IT & Business Information Security controls.
• Document audit findings and recommendations for remediation. Complete risk assessments and perform in-depth analysis of mitigating controls.
• Track the status of known Information Security risks working with IT and Business departments to promote remediation of known exposures.
• Partner with internal teams to manage control oversight, testing, gap analysis, remediation tracking, compliance documentation, and evidence collection.
• Serve as liaison and LNE advocate between external security assessment firms and internal operations teams to promote on-time and on-budget completion of engagements.
• Identify opportunities and develop tactical and strategic solutions for enterprise service delivery to meet regulatory compliance requirements in a holistic manner.
• Advocate security best practice throughout the business.
• Lead formal presentations of compliance status and issues regularly to IT teams and management.
• Respond to compliance queries from third parties, clients, client reps, legal, advanced product specialists on behalf of the company.
• Bachelors Degree in Computer Science or equivalent field of study
• Minimum of 6 years of experience in regulatory compliance, IT audit, Information Security, IT Operations.
• Proficiency working with recognized IT Security-related standards, technologies and countermeasures:
• Proficiency with industry frameworks such as ISO27001/27002 and SOX ITGCs
• Network Security & Forensics
• System Hardening – Windows & Linux
• Vulnerability Scanning and Remediation
• Application Penetration Testing and Remediation
• Encryption / PKI
• Endpoint Protection & Anti Virus Deployments
• SIEM / IDS / IPS / WAF / FIM
• CISA, CISM, and/or CISSP certifications preferred