Posted in

Sr. Information Security Compliance Analyst

Sr. Information Security Compliance Analyst

CompanyWarner Bros.
LocationAtlanta, GA, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
DegreesBachelor’s
Experience LevelSenior

Requirements

  • Bachelor’s degree in computer science, business administration or related technical field.
  • 4+ or more years working in audit or compliance environments in a corporate or consulting capacity, with experience in a highly technical setting.
  • 3+ years working in PCI regulatory assessments / requirements; previous PCI Qualified Security Assessor “QSA” certification required.
  • The ability to be precise and display superb attention to detail is essential.
  • Ability to effectively apply training and feedback.
  • Experience testing cloud controls across AWS, Azure, and GCP.
  • Experience defining certification/action plan roadmaps balancing compliance deliverables, business requirements, and resource allocation.
  • Relevant certification (CISA, PCIP, CISM, CISSP, etc.).
  • Experience with cross-functional risk, compliance and/or information security disciplines.
  • Subject matter expertise in the areas of PCI, Data Privacy, SSAE 18, Swift, SOX, etc.
  • Superior analytical and problem-solving skills.
  • Superb relationship building skills.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Ability to assess customer/client needs, creatively approach solutions, decide and influence appropriate courses of action.
  • Ability to work with changing priorities and with multiple projects.
  • You possess the highest integrity commensurate with a compliance & ethics position.
  • You have excellent communication and project management skills.
  • You produce clear & polished work product, in narrative and visual form.
  • You can work independently, are flexible and adaptive, and demonstrate a passion to operate in a dynamic and fast-growing environment.
  • Strong quantitative, qualitative, and analytical skills with ability to use sound business judgment and to exercise skepticism as needed.

Responsibilities

  • Lead and support PCI assessments.
  • Communicate status of security compliance efforts to executive leadership and management across technology disciplines.
  • Keep current with the latest security technology advances and evolving compliance requirements and propose innovations that may benefit the business.
  • Maintain detailed project plans and tasks lists to ensure you meet major milestone and critical due dates.
  • Assist in information security assessments, audits, risk mitigation, and remediation.
  • Track status of implementing remediation plans for control deficiencies, regulatory and policy gaps and make recommendations for process efficiencies.
  • Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives.
  • Effectively communicate and build rapport with various partners and teams globally.
  • Lead targeted compliance assessments, audits, and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively.
  • Validate system requirements, flows, and written procedures through testing and observations, and to ensure regulatory compliance operating procedures and controls are working as intended.
  • Participate in cross-functional teams to support various regulatory compliance subject matters ensuring that user activities continue to support systematic processes in place and drive positive compliant behaviors or that proposed new system changes fully meet Regulatory, Security and Legal requirements.
  • Perform analysis based on the testing results through observations and reports to identify system and process gaps reducing risk for WBD.
  • Document all work, and findings resulting from testing and communicate to relevant stakeholders within defined standard processes.
  • Conduct related ongoing security compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions.
  • Lead compliance assessments including testing to demonstrate the effectiveness of controls, and supporting team members to ensure reviews are critical, comprehensive, and thorough.
  • Accountable for organizing and leading meetings with various stakeholders across the company, and across the globe.
  • Technical and process experienced professional who will ensure data and evidence meets audit expectations and regulatory requirements.
  • Responsible for establishing and tracking goals, project plans, and assessment status, and is able to effectively communicate risks and overall status to your management on a timely basis.
  • Stay abreast of existing and upcoming projects to effectively plan your work.
  • Make updates to the centralized issues log, audit calendar, and other key team documents, ensuring accuracy, attention to detail, and overall status.
  • Assist in the implementation of the Company GRC system, policies, standards, and processes.
  • Assist in creation of comprehensive and meaningful metrics and status update for your Manager.
  • Ability to partner with other team members, contribute to building a positive team culture, learn internal processes, and contribute to building effective deliverables.
  • Identify and measure key metrics reflecting the status of audits and assessments.
  • Monitor the effectiveness of the compliance assessment process in accordance with agreed team metrics and performance measures to drive continuous improvements.
  • Actively participate in stakeholder meetings with the goal of understanding all major projects and initiatives planned.
  • Actively drive and report on status of audit completion, as well as remediation of regulatory and policy issues.

Preferred Qualifications

  • 3+ years of Big 4 experience in a related field.
  • 3+ years of prior experience in a related field (media, tech, entertainment, business development or streaming services industry experience).
  • Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.).
  • Familiarity with streaming and similar products/services.
  • Experience working in a national or global company.
  • Some visualization tool knowledge would be helpful (i.e., Tableau, Power BI).
  • Comfortable in working in a highly iterative environment.
  • Creative problem solver who possesses sound business discernment and is highly detail oriented.
  • A passion for accuracy and translating insights into a compelling narrative; able to maintain a balance between the details and the larger picture.