Business Information Security Officer, Sr. Director

Comcast   •  

Philadelphia, PA

Industry: Media

  •  

11 - 15 years

Posted 30 days ago

IN THIS ROLE
Reporting to Comcast's Vice President, Security Solutions Delivery, you will be working with some of the leading security experts as well leaders of the Comcast Business units, your job will be to oversee the execution of Information Security Risk Management practices across all Comcast business units. As a trusted advisor, you will need to understand the requirements of the business, find acceptable, cost-effective solutions that meet security goals, and communicate the importance of information security to all levels of the business. In addition, you will ensure the business complies with all Information Security Policies and continuously monitor and report on risks

WHAT YOU WILL DO
Direct Responsibilities
- Oversee the establishment and execution of the Information Security Program within each business
- Oversee the integration of security risks within the enterprise operational risk framework
- Perform annual information security risk assessments; report risks and remediation plans at the business until level
- Actively participate in the information security incident response process; help shape remediation plans
- Ensure all applications and systems within each business adhere to the Access Management strategy; establish user access logs to monitor critical data access, including PII.
- Build a T&P Security Product and Service catalog and work with the BISO team and the rest of the T&P security team to keep it updated at a bi-annual cadence.

In Partnership
- Review and provide input into the Information Security Policy and Standards
- Establish reporting on the state and efficacy of security controls for the business units
- Ensure clear lines of communication between Business Units and the security team
- Secure ongoing funding for special/complex security projects
- Evangelizing security awareness across the business

WHAT SUCCESS LOOKS LIKE
- Increased levels of security across designated Business Unit AMB
- Improved compliance with security standards and policies across Business Unit teams AMB
- Greater awareness of information security and data privacy requirements (globally)
- Adoption of Enterprise Information Security Standards throughout the business environment

WHAT YOU SHOULD POSSESS
- Ability to interpret and apply policies and regulations across a large, complex business
- Analytical aptitude, investigative and critical questioning nature; data-driven decision making skills
- Excellent interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
- Project management experience
- Strong understanding of audit/risk management methodologies and regulatory requirements for information security, privacy and data security
- CISSP, CISM, GIAC, OSCP or other relevant security certifications

WHAT YOU CAN EXPECT
- A cool and casual work environment where you will sharpen and showcase your skills within a team focused on beating cyber criminals
- A place that values results and teamwork, mentors our people, and supports individuals as they pave their own way to success
- A culture of continuous learning and innovation with formal and informal learning and growth opportunities

WHAT WE REQUIRE
- Bachelor's Degree or equivalent experience
- 12+years of information technology, IT project/program management, or cyber security related experience.
- Ability to travel as needed.

OTHER RESPONSIBILITIES
- Discipline to handle confidential matters with appropriate sensitivity
- Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
- Other duties and responsibilities as assigned

186866