Verticalmove

Manager, Security Plans and Programs - Security Operations/Cybersecurity



Althea Ochoa, Business Development Associate

Email: althea.ochoa@verticalmove.com



Job Info



Category: Security Operations/Cybersecurity
Employment Type: Full-Time Employment
Compensation: $0.00 - $0.00
Location: United States, Washington - 98004


Client Introduction



Come work with the most recognized and popular franchise in the world! As a subsidiary of the most profitable children's entertainment brand in existence, this company is responsible for the official website, brand management, licensing, marketing, and development outside of Asia.

After the incredible success of the augmented reality mobile game released in 2016, all development was brought in-house and they haven't stopped growing since. Based in downtown Bellevue, they are well-known for having a great work/life balance as well as an inclusive & collaborative culture.

The beautiful panoramic view from the office is icing on the cake.


Job Description



As part of the Information Security team, the person in this position is passionate about the development, implementation and sustainment of plans and programs designed for risk management, audit and compliance, and employee training, and about advising the organization on information security practices to protect company assets, customer-facing systems, and customer data.

Job Responsibilities



Lead both internal and external audits to ensure compliance with all industry-mandated regulations.
Manage compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
Assist Legal and Technology organizations with all required compliance/security-related documentation. Ensure documentation is standardized, updated and organized.
Participate in the development and implementation of new business initiatives involving compliance to ensure the functionality needed to support required compliance.
Provide guidance to business functions on compliance/security-related matters.
Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings.
Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
Refine and revise existing policies and procedures to support internal and external compliance programs. Author new policies and procedures and ensure adequate training for adherence by employees.
Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
Deliver findings, recommendations and remediation steps for all activities, in a clear, concise and audience-specific format.
Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile.
Responsible for building and influencing security as a core competency throughout TPCi, including education and training for employees.


Experience





Required Experience



Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
Deep understanding and experience with ISO 27001, PCI DSS, COPPA, or similar standards.
Experience or understanding of governance, risk and compliance (GRC) processes and solutions.
Experience in information security and auditing with increasing responsibilities.
Strong background in security controls, auditing, network and system security.
Ability to express complex technical concepts in business terms.
Review and coordinate changes to information security policies, procedures, and standards.


Required Education



BS Degree in Computer Science or Computer Engineering and/or equivalent working experience.
Information Security certifications (CISSP, GSEC, etc.) a plus.
Offensive Security/Pen test certifications (OSCP, etc.) a plus.

