Business Information Security Officer

Quantum Search Partners

Washington, DC
Full Time
Paid
  • Responsibilities

    Business Information Security Officer

    Fortune 500 Media Company

    Washington, DC (3 days in office)

    $225,000-$275,000 + bonus

    About the Opportunity

    The Business Information Security Officer is a key leader within the Global Information and Content Security team, implementing our client's security strategy, policies, and standards across global media & news operations.

    Responsibilities:

    Strategic Business Partnership (50%)

    • Act as a link between news activities, journalists and our centralized cybersecurity functions, ensuring that security initiatives are aligned with business goals and priorities.
    • Promote a culture of security awareness and accountability.
    • Lead the adoption and enforcement of Global Information and Content Security policies and standards across the business lines.
    • Foster a strong security culture and technical security measures within global news activities and journalistic functions.

    Technical Security Delivery (30%)

    • Provide direction and supervision on security-related projects and initiatives, ensuring compliance with global security standards and best practices.
    • Evaluate and recommend security solutions and tools that enhance the security posture and capabilities of news operations.
    • Handle security exceptions for Global news operations, ensuring proper documentation, approval, and review processes are followed.
    • Support security operations and other teams in the identification, investigation, and mitigation of cyber security incidents.
    • Partner with other GICS leadership to drive the adoption of core security services (Identity and Access Management, Logging and Monitoring, Detection and Response, Vulnerability Management, Product Security, Cloud Security, and Content Security) throughout global news operations.

    Compliance and Reporting (20%)

    • Lead the identification of key risk indicators (KRIs) for news operations and journalists, driving the analytics, metrics gathering and reporting of KRIs to leadership.
    • Support enterprise and business-line regulatory and compliance requirements and develop implementation strategies that minimize operational impact and disruption.

    Qualifications & Experience...

    • Ability to work a hybrid model (3 days onsite) out of downtown DC office.
    • Executive presence, technical security expertise, business acumen, communication skills and alignment focus.
    • Accountable, project-driven and results-oriented, with a willingness to constantly learn new things, an open mind, and the ability to articulate sometimes complex technical security topics and risks in language that the business finds meaningful and can use to make more informed decisions.
    • 10+ years of supervisory or management experience in a technical security environment.
    • Solid knowledge of various regulatory requirements and information security control frameworks (ISO, NIST, PCI, GDPR, CCPA, SOX).
    • Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security.
    • Hands-on experience with security practices such as security incident response and risk management.
    • Exceptional verbal and written communication skills, specifically the ability to communicate within the context of the intended audience, whether that be senior executives or highly technical engineering resources.
    • Good understanding of industry trends and emerging threats.
    • Experience in leading projects leveraging global teams with matrix resources.
    • Extensive experience in the information security field designing and implementing enterprise security solutions in a global context.
    • Should possess proficiency in the technical aspects of cyber security, such as cloud infrastructure, appsec, SIEM, vulnerability management, network security, and IAM/PAM.

    Additional Qualifications:

    • Bachelor’s degree in Computer Science, Engineering, or other related discipline preferred or 10+ years of previous technical security experience, e.g., architecture, engineering, or InfoSec Director level.
    • Experience in providing Cybersecurity services and modeling for Media, Broadcast & Entertainment companies.
    • Security certifications are a plus (CISSP, CISM, CISA, SANS, etc.).
  • Compensation
    $225,000-$275,000 per year