Come work with the most recognized and popular franchise in the world! As a subsidiary of the most profitable children's entertainment brand in existence, this company is responsible for the official website, brand management, licensing, marketing, and development outside of Asia.
After the incredible success of the augmented reality mobile game released in 2016, all development was brought in-house and they haven't stopped growing since. Based in downtown Bellevue, they are well-known for having a great work/life balance as well as an inclusive & collaborative culture.
The beautiful panoramic view from the office is icing on the cake.
As part of the Information Security team, this position will assist in the development of security policy and process, as well as drive audit and compliance efforts. This position will also drive our efforts to meet privacy and data management compliance needs, e.g. GDPR or COPPA.
Lead both internal and external audits to ensure compliance with all industry-mandated regulations.
Manage compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
Assist Legal and Technology organizations with all required compliance/security-related documentation. Ensure documentation is standardized, updated and organized.
Participate in the development and implementation of new business initiatives involving compliance to ensure they include the functionality needed to support required compliance.
Provide guidance to business functions on compliance/security-related matters.
Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings.
Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
Refine and revise existing policies and procedures to support internal and external compliance programs. Author new policies and procedures and ensure adequate training for adherence by employees.
Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
Deliver findings, recommendations and remediation steps for all activities, in a clear, concise and audience-specific format.
Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile.
Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
Deep understanding and experience with ISO 27001, PCI DSS, COPPA, or similar standards.
Experience or understanding of governance, risk and compliance (GRC) processes and solutions.
Experience in information security and auditing with increasing responsibilities.
Strong background in security controls, auditing, network and system security.
Ability to express complex technical concepts in business terms.
Review and coordinate changes to information security policies, procedures, and standards.
BS Degree in Computer Science or Computer Engineering and/or equivalent working experience.
Information Security certifications (CISSP, GSEC, etc.) a plus.
Offensive Security/Pen test certifications (OSCP, etc.) a plus.