Job Opening In A+E Networks For Cyber Security Director
Responsible for managing all aspects of the Information Security function including establishing, maintaining and monitoring the policies and procedures, which promote the secure and uninterrupted operation of all data processing systems.
New York, NY
Include the establishment and communication of standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data in any form; review of systems designs to ensure essential security measures; monitoring systems' usage to detect security violations; implementation of security procedures identified or required by internal auditors, external reviews and legal requirements; consulting on long range security planning; and providing state-of-the-art technical information as requested. These responsibilities extend to reviews of central and distributed computer systems, including internet/intranet, web page processing, firewalls.
Understands the Systems Development Life Cycle (SDLC) methodologies and instructs teams on how to incorporate security controls in compliance with Enterprise standards into each phase. Provides leadership and direction. Develops departmental plans, including business and/or organizational priorities. Decisions are guided by the strategy and priorities of the department.
•Demonstrates an exceptional understanding of comprehensive security programs, including technologies and tools, architectures and network and application design, and policies / business aspects of risk.
•Perform IT Risk & Security assessments and developing information security strategies and appropriate policies.
•Recommends security solutions to assist with the assessment and improvement of A+E Networks security infrastructure as well as demonstrate a strong understanding of the IT security landscape, including emerging risks and security solutions.
•Translate business needs and regulatory requirements into risk appropriate controls to successfully implement security policies, standards and guidelines.
•Responsible for the strategic identification and evaluation of all-hazard (manmade and natural) security risks, threats and vulnerabilities as well as related intelligence to prevent, protect against or mitigate harm to people, assets, property, product and brand reputation.
•Act as a primary subject matter expert, resource, and liaison for law enforcement and security regulatory agencies; partnering closely with Corporate Facilities, Finance, Human Resources, Information Technology, Legal and other departments for qualitative and quantitative risk mitigation.
•Develops, implements, manages, advises, surveys or audits all security programs, policies and procedures.
•Develops training and awareness efforts for employees, contractors and visitors to establish a “culture of care” to prevent or mitigate security incidents.
•Demonstrated ability to work in a collaborative environment and influence others to ensure adequacy of operational risk mitigation efforts.
•Strong critical thinking and analytical skills; demonstrated ability to identify risks associated with business processes, IT operations, information security programs, and technology projects.
•Coordinate critical, sensitive incidents spanning multiple geographies.
•Supervise the activities of analyst(s) and engineer(s) with responsibility for repeatable quality, client satisfaction, and investigative integrity.
•Facilitate effective, comprehensive, and consistent communications, for various audiences, including steering committees and other executive levels.
•Develop team members to increase bench strength and flexibility of the functions.
•Mentor other managers, engineers, and investigators in security and A+E Networks practices.
•Participates in major cross-functional projects affecting A+E’s business, product, or service leadership
•Maintain an understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security operations
•Demonstrate enduring quality and highly efficient operations to internal and external clients, including occasional audits.
•Represents Corporate Security in Customer Briefings, Security Operations reviews, application development and deployment life cycle, network and infrastructure initiatives, etc.
•Conduct executive briefings for A+E clients and partners.
•Responsible for hiring, assigning, developing, coordinating, influencing, leading and measuring all corporate Security programs, personnel, contractors and consultants.
•Guide the design and development of our global security framework.
•Establishes ongoing communication with senior leadership on the status of security issues, evolving risks and related recommendations.
•Contracts, manages, develops or provides performance oversight for all security service providers, consultants and contractors.
•Develops metrics to measure the effectiveness and efficiency of all security programs and personnel.
•Supports leadership in the development and maintenance of business continuity and crisis management/incident command programs, including planning and conducting exercises with local first responders.
•Proactively establishes and maintains relationships with appropriate government and law enforcement agencies.
•Acts as lead or technical support for major incident investigations involving security related issues.
•Assists in developing budgets and forecasts to support business needs, goals and objectives.
•Monitors and stays current with security-related proven practices and technology.
•Ensures adherence to protocols for 24x7x365 response and notifications for alarms, emergencies, or critical incidents.
- Minimum of ten (10) years of progressively responsible security program management or related experience in risk/security management.
- Exceptional cross-functional team leadership and risk mediation experience within a media / digital practice, production, distribution, or corporate environment.
- Hands-on experience with Emergency Preparedness, Critical Incident Management, Business Continuity and Disaster Recovery principles and program development.
- Experience developing corporate and cloud security programs.
- 10+ years experience in information security.
- 3-5 years of applied leadership experience overseeing Security initiatives in a global enterprise.
- Strong technical competence and aptitude with a strong interest to being hands-on.
- Quick thinker, experienced in unconventional problem solving.
- Comfortable initiating change; consciously managing and shaping change. Is able to handle the stress related to balancing multiple issues and perspectives.
- Excellent written and verbal communication skills and ability to effectively interact with all levels of management from application developers to the CIO.
- Ability to be on call or assure coordination, and leadership for critical incident response 24x7x365.
- Knowledge and experience regarding related state, local and federal laws, regulations and proven practices.
- Previous hands-on experience with complex IT Security solutions and business applications.
- Ability to develop and maintain highly effective relationships, internally and externally.
- Positive "can do" attitude with focus on the success of the team over individual accomplishments.
- Strong interpersonal communication and presentation skills.
BA or BS Management Information Systems, Computer Science, or Engineering required, or equivalent work experience.
Obtained one or more of the following certifications:
- Information Systems Security Professional (CISSP),
- Certified Information Security Manager (CISM),
- Certified Information Systems Auditor (CISA) certifications,
- Project Management Professional (PMP)
- or other related certifications is required.
Exceptional planning and organizational skills.
- PMP or CAPM Certification is a plus.
- ITIL v3/2011 or CSSGB Certification a preferred plus
About this company
A+E Networks, LLC. is an award-winning global media content company offering consumers a diverse communications environment ranging from television networks to websites, to home videos/DVDs to gaming and educational software. A+E Networks is comprised of A&E® Network, Lifetime®, HISTORY®, LMN®, BIO.™, H2™, HISTORY en Español™, Crime & Investigation Network™, Military HISTORY™, Lifetime Real Women®, A&E IndieFilms®, A+E Networks International®, A+E Networks Digital® and A+E Networks Consumer Products™. A+E Networks channels and branded programming reach more than 300 million households in over 150 countries. A+E Networks, LLC. is a joint venture of Disney-ABC Television Group and Hearst Corporation.