Warner Media, LLC.
Cybersecurity Compliance Staff (Lead)
Warner Media, LLC., Atlanta, Georgia, United States, 30383
Welcome to Warner Bros. Discovery… the stuff dreams are made of.
Who We Are…
When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the
storytellers
bringing our characters to life, the
creators
bringing them to your living rooms and the
dreamers
creating what’s next… From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive. *Must be able to work a hybrid model (3 days onsite) out of our Atlanta office.* The Job Warner Bros. Discovery (WBD) is hiring a talented Cybersecurity Corrective Action Staff Lead who will be a part of the Global Information & Content Security (GICS) team supporting the organization globally across all domestic and international brands and divisions. You will drive the remediation of security control deficiencies, audit findings, opportunities for improvement, and general cybersecurity non-compliance issues to resolution. As a member of the GICS team, you will be assigned to the Security Compliance team and will work in partnership with key stakeholders such as Technology, HR, Internal Audit, External Audit, Legal, Identity and Access Management, Incident Response, etc. to ensure security and compliance with various regulatory and policy requirements. The successful candidate will have experience across multiple compliance domains including audit process/procedure, risk analysis and mitigation, control testing, and continuous improvement initiatives. CORRECTIVE ACTION MANAGEMENT
(60%) Drive remediation of cybersecurity, internal audit, and IT General Controls control gaps, deficiencies, and program improvement opportunities.
Assist project team, key stakeholders, and management to prioritize security and compliance requirements, and develop and maintain detailed project plans using standard tools.
Partner with audit as needed to manage audit requests, assist with escalations, and help streamline audits overall.
Publish and maintain a comprehensive audit calendar, assessment plan, and issue tracker.
Lead and organize meetings, information security assessments, analysis, mitigation, and remediation.
Advise in implementing solutions and mitigation plans for control deficiencies, regulatory and compliance gaps, and make recommendations for process efficiencies.
Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives.
Effectively assist in leading by influence and work in a matrix/cross functional (BU Champions).
Build issue trackers, create status reporting for SLT, as well as build and maintain KRIs, and KPIs.
Partner with peer information security teams to provide consolidated reporting, and drive remediation of all open security and technical findings across WBD.
Execute as needed on Security & Compliance programs owned by our organization including but not limited to Audit Management & Issue Remediation, PCI, Privacy Data Security, Swift, SOX, NIST CSF, ISO 27002, MPA, SEC cyber-regulations, etc.
Lead targeted compliance assessments, audits, and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively.
Investigate compliance issues and assist with investigation reports.
Validate system requirements, flows, and written procedures through testing and observations, and ensure regulatory compliance operating procedures and controls are working as intended.
Help provide training and training materials for new processes.
Assist with developing and defining new and improved workflow and initiatives.
Perform analysis based on testing results through observations and reports to identify system and process gaps, reducing risk for WBD.
Document all work, and findings resulting from testing and communicate to relevant stakeholders within defined standard processes.
Conduct related ongoing security compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions.
PLANNING
(20%) Make updates to the Unified Controls Framework (UCF) as agreed with other team members and relevant governance bodies.
Assist in the implementation of the Company GRC system, policies, standards, and processes.
Participate in cross-functional teams to provide various security compliance and regulatory compliance subject matter expertise, ensuring that activities continue to support systematic processes in place and drive positive compliant behaviors or that proposed new system changes fully meet Regulatory, Security and Legal requirements.
Assist in creation of comprehensive and meaningful strategy presentations for senior executives.
Document roadmaps for key initiatives and programs.
Ability to contribute to building a framework and drive development through dynamic business intelligence tools and dashboards for use in ongoing business planning and goal measurement through KPIs.
ANALYTICS & REPORTING
(20%) Monitor the effectiveness of the compliance assessment process in accordance with agreed metrics and performance measures to drive continuous improvements.
Develop comprehensive performance analysis of business processes and review ways of improvement.
Develop and report upon agreed Key Performance Indicator metrics.
Actively participate in stakeholder meetings with the goal of understanding all major projects and initiatives planned.
The Essentials BS/BA degree required.
Fluent or advanced English written, verbal, and comprehension levels.
6+ years working in audit or compliance environments in a corporate or consulting capacity, with experience in a highly technical setting.
2+ years working in Privacy Data Security, Audit or PCI regulatory assessments/requirements.
Experience defining certification/action plan roadmaps balancing compliance deliverables, business requirements, and resource allocation.
Relevant active certification (CISA, CISM, CISSP, etc.).
Experience with cross-functional risk, compliance and/or information security disciplines.
Technical GRC and metrics tools experience such as Service Now IRM, Power BI, etc.
Subject matter expertise in the areas of Data Privacy, NIST CSF, MPA, SSAE 18, Swift, SOX, PCI, etc.
Experience in project management, along with organizational and planning skills.
Superior analytical and problem-solving skills.
Expert user of Microsoft Office (Excel, PowerPoint, Word) to prepare all documents, presentations, graphs, briefings, and worksheets.
Experience with Cloud Platforms including AWS and GCP.
Experience with vulnerability management, reporting, and vulnerability best practices.
Excellent written and verbal communication.
Superb relationship building skills.
Work collaboratively w/small and large teams.
Ability to handle multiple assignments concurrently and reprioritize as needed.
You possess the highest integrity commensurate with a compliance & ethics position.
You have excellent communication and project management skills.
You produce clear & polished work product, in narrative and visual form.
You have strong quantitative and qualitative analysis skills.
You have driven change to completion across functions in an IT or comparable technical environment.
You are able to work independently, are flexible and adaptive and demonstrate a passion to operate in a dynamic and fast-growing environment.
You are able to manage and train team members (staff or consultants) as needed.
Experience in identifying risk-based issues and working across organizations to remediate.
Analytical skills with ability to use sound business judgment and to exercise skepticism as needed.
Process focused experience including the ability to assess, interpret, and guide corporate processes.
The Nice to Haves 5+ years of Big 4 experience in a related field.
2+ years of prior experience in a related field (media, entertainment, business development or streaming services industry experience).
Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.).
Familiarity with streaming and similar products/services.
Experience working in a national or global company.
Some visualization tool knowledge would be helpful (i.e., Tableau, Power BI).
Comfortable working in a highly iterative environment.
Creative problem solver who possesses sound business discernment and is highly detailed oriented.
A passion for accuracy and translating insights into a compelling narrative; able to maintain a balance between the details and the larger picture.
Strong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
How We Get Things Done… This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at
www.wbd.com/guiding-principles/
along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview. Championing Inclusion at WBD Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law. If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our
accessibility page
for instructions to submit your request. In compliance with local law, we are disclosing the compensation, or a range thereof, for roles in locations where legally required. Actual salaries will vary based on several factors, including but not limited to external market data, internal equity, location, skill set, experience, and/or performance. Base pay is just one component of Warner Bros. Discovery’s total compensation package for employees. Pay Range: $86,030.00 - $159,770.00 salary per year. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Warner Bros. Discovery provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and sick time and vacation.
#J-18808-Ljbffr
storytellers
bringing our characters to life, the
creators
bringing them to your living rooms and the
dreamers
creating what’s next… From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive. *Must be able to work a hybrid model (3 days onsite) out of our Atlanta office.* The Job Warner Bros. Discovery (WBD) is hiring a talented Cybersecurity Corrective Action Staff Lead who will be a part of the Global Information & Content Security (GICS) team supporting the organization globally across all domestic and international brands and divisions. You will drive the remediation of security control deficiencies, audit findings, opportunities for improvement, and general cybersecurity non-compliance issues to resolution. As a member of the GICS team, you will be assigned to the Security Compliance team and will work in partnership with key stakeholders such as Technology, HR, Internal Audit, External Audit, Legal, Identity and Access Management, Incident Response, etc. to ensure security and compliance with various regulatory and policy requirements. The successful candidate will have experience across multiple compliance domains including audit process/procedure, risk analysis and mitigation, control testing, and continuous improvement initiatives. CORRECTIVE ACTION MANAGEMENT
(60%) Drive remediation of cybersecurity, internal audit, and IT General Controls control gaps, deficiencies, and program improvement opportunities.
Assist project team, key stakeholders, and management to prioritize security and compliance requirements, and develop and maintain detailed project plans using standard tools.
Partner with audit as needed to manage audit requests, assist with escalations, and help streamline audits overall.
Publish and maintain a comprehensive audit calendar, assessment plan, and issue tracker.
Lead and organize meetings, information security assessments, analysis, mitigation, and remediation.
Advise in implementing solutions and mitigation plans for control deficiencies, regulatory and compliance gaps, and make recommendations for process efficiencies.
Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives.
Effectively assist in leading by influence and work in a matrix/cross functional (BU Champions).
Build issue trackers, create status reporting for SLT, as well as build and maintain KRIs, and KPIs.
Partner with peer information security teams to provide consolidated reporting, and drive remediation of all open security and technical findings across WBD.
Execute as needed on Security & Compliance programs owned by our organization including but not limited to Audit Management & Issue Remediation, PCI, Privacy Data Security, Swift, SOX, NIST CSF, ISO 27002, MPA, SEC cyber-regulations, etc.
Lead targeted compliance assessments, audits, and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively.
Investigate compliance issues and assist with investigation reports.
Validate system requirements, flows, and written procedures through testing and observations, and ensure regulatory compliance operating procedures and controls are working as intended.
Help provide training and training materials for new processes.
Assist with developing and defining new and improved workflow and initiatives.
Perform analysis based on testing results through observations and reports to identify system and process gaps, reducing risk for WBD.
Document all work, and findings resulting from testing and communicate to relevant stakeholders within defined standard processes.
Conduct related ongoing security compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions.
PLANNING
(20%) Make updates to the Unified Controls Framework (UCF) as agreed with other team members and relevant governance bodies.
Assist in the implementation of the Company GRC system, policies, standards, and processes.
Participate in cross-functional teams to provide various security compliance and regulatory compliance subject matter expertise, ensuring that activities continue to support systematic processes in place and drive positive compliant behaviors or that proposed new system changes fully meet Regulatory, Security and Legal requirements.
Assist in creation of comprehensive and meaningful strategy presentations for senior executives.
Document roadmaps for key initiatives and programs.
Ability to contribute to building a framework and drive development through dynamic business intelligence tools and dashboards for use in ongoing business planning and goal measurement through KPIs.
ANALYTICS & REPORTING
(20%) Monitor the effectiveness of the compliance assessment process in accordance with agreed metrics and performance measures to drive continuous improvements.
Develop comprehensive performance analysis of business processes and review ways of improvement.
Develop and report upon agreed Key Performance Indicator metrics.
Actively participate in stakeholder meetings with the goal of understanding all major projects and initiatives planned.
The Essentials BS/BA degree required.
Fluent or advanced English written, verbal, and comprehension levels.
6+ years working in audit or compliance environments in a corporate or consulting capacity, with experience in a highly technical setting.
2+ years working in Privacy Data Security, Audit or PCI regulatory assessments/requirements.
Experience defining certification/action plan roadmaps balancing compliance deliverables, business requirements, and resource allocation.
Relevant active certification (CISA, CISM, CISSP, etc.).
Experience with cross-functional risk, compliance and/or information security disciplines.
Technical GRC and metrics tools experience such as Service Now IRM, Power BI, etc.
Subject matter expertise in the areas of Data Privacy, NIST CSF, MPA, SSAE 18, Swift, SOX, PCI, etc.
Experience in project management, along with organizational and planning skills.
Superior analytical and problem-solving skills.
Expert user of Microsoft Office (Excel, PowerPoint, Word) to prepare all documents, presentations, graphs, briefings, and worksheets.
Experience with Cloud Platforms including AWS and GCP.
Experience with vulnerability management, reporting, and vulnerability best practices.
Excellent written and verbal communication.
Superb relationship building skills.
Work collaboratively w/small and large teams.
Ability to handle multiple assignments concurrently and reprioritize as needed.
You possess the highest integrity commensurate with a compliance & ethics position.
You have excellent communication and project management skills.
You produce clear & polished work product, in narrative and visual form.
You have strong quantitative and qualitative analysis skills.
You have driven change to completion across functions in an IT or comparable technical environment.
You are able to work independently, are flexible and adaptive and demonstrate a passion to operate in a dynamic and fast-growing environment.
You are able to manage and train team members (staff or consultants) as needed.
Experience in identifying risk-based issues and working across organizations to remediate.
Analytical skills with ability to use sound business judgment and to exercise skepticism as needed.
Process focused experience including the ability to assess, interpret, and guide corporate processes.
The Nice to Haves 5+ years of Big 4 experience in a related field.
2+ years of prior experience in a related field (media, entertainment, business development or streaming services industry experience).
Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.).
Familiarity with streaming and similar products/services.
Experience working in a national or global company.
Some visualization tool knowledge would be helpful (i.e., Tableau, Power BI).
Comfortable working in a highly iterative environment.
Creative problem solver who possesses sound business discernment and is highly detailed oriented.
A passion for accuracy and translating insights into a compelling narrative; able to maintain a balance between the details and the larger picture.
Strong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.
How We Get Things Done… This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at
www.wbd.com/guiding-principles/
along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview. Championing Inclusion at WBD Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law. If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our
accessibility page
for instructions to submit your request. In compliance with local law, we are disclosing the compensation, or a range thereof, for roles in locations where legally required. Actual salaries will vary based on several factors, including but not limited to external market data, internal equity, location, skill set, experience, and/or performance. Base pay is just one component of Warner Bros. Discovery’s total compensation package for employees. Pay Range: $86,030.00 - $159,770.00 salary per year. Other rewards may include annual bonuses, short- and long-term incentives, and program-specific awards. In addition, Warner Bros. Discovery provides a variety of benefits to employees, including health insurance coverage, an employee wellness program, life and disability insurance, a retirement savings plan, paid holidays and sick time and vacation.
#J-18808-Ljbffr