3 days old

Senior-Technology Security

Chicago, IL 60684
**Overall Purpose: This is a Compliance position reporting into the Chief Security office. This position is supporting BUs for the defined Compliance functions including: Regulatory Compliance, Cloud Compliance, Audit Management, Proactive Compliance, Periodic Assessments & Validation, Issue Trending / Remediation / Tracking & Reporting, and overall Compliance to Policies, Standards, & Baselines (Gap Remediation). Increased responsibilities also include an expanded team requiring management, cross-training, and development.** **This role will engage broadly across business and information technology functions to ensure effective awareness, planning, and execution on security & compliance-related concepts, projects, initiatives, and requirements.** **You will be responsible for review and analysis of policy, compliance, and security requirements, work with senior team members to develop integrated plans to protect corporate assets and information technology, and administers security systems to support daily security operations.**

**Key Roles and Responsibilities:** **Responsible for leading, coordinating and executing strategies related to compliance to help AT&T meet objectives including safeguarding assets against fraud risk and complying with external regulations (e.g. Sarbanes-Oxley (SOX), PCI, Accessibility, SSAE 18, etc.).** **Validates processes are working end-to-end, identifying risk areas and risk treatments & mitigation, as well as leading internal compliance assessments to understand and determine potential impact to regulatory and non-regulatory compliance components. Responsible for functions centered on effective implementation of all the elements of a compliance program: compliance with applicable laws, rules, and regulations, internal policies and procedures; accepted business practices, ethical standards, and contractual obligations.** **Daily collaboration across all levels and BUs including Technology, HR, Legal, Finance, Production, Internal Audit, External Audit, SOX PMO, Privacy, Governance, Risk, BISOs, & Engineering.**

**Includes researching, recommending, documenting, and coordinating implementation of changes to policies, procedures, facilities, and systems to enhance security as well as developing and delivering corporate security awareness training for users and technical security training for system administrators. Facilitates compliance with company security policies, practices and legal requirements. May provide support to non-management employees, including coaching, on-the-job and formal training, reference materials, procedures and system documentation. Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information. May interface with other stakeholders including vendors, application development and technical support staff, and clients. May provide inventory and asset management resources to security operation, including administrative supplies, security specific resources such as SecurID cards or cryptographic key management, and specialized security software. Job Contribution: Senior level technical expertise. Deep technical knowledge and subject matter expert on ATT technologies.**

**A technical Compliance expert is needed to respond to evolving deficiencies and risk and requires granular investigation/awareness due to elevating criticality and severity. Resource will assess and test controls for critical functions and processes, potential impacts to AT&T/WM, and help to build remediation plans to address areas of non-compliance. Additionally, must have ability to identify/contact responsible resources across all BUs and articulate/document issues for senior leadership. Responsible for review and analysis of security requirements, works with senior team members to develop integrated plans to protect corporate assets and information technology, and administers security systems to support daily security operations. Assess overall security risk of systems, prioritizes and leads activities to lower AT&Ts overall security risk posture.**

**This critical position provides strategic and tactical support for all of Warner Media and AT&T regardless of business unit. Position requires regulatory (SOX, PCI, SSAE18, HIPAA, NIST, COBIT, ISO 27001/27002) and technical knowledge (application, network, operating systems, databases, tools, public and private cloud, etc.). Candidate must exhibit a high degree of thought leadership capabilities and be able to partner with clients to deliver best in class compliance and security requirements, architecture and design, research/strategy/planning, risk analysis and remediation and/or mitigation for complex platforms and services.**

**Accreditation, Certification, or Licenses:**

**CISA required (CISSP, CISM, or other equivalent).**

**Training and Special Skills:**

**Knowledge of / experience within the media industry required.**

+ **Knowledge of internal policies, standards and baselines, industry standards (e.g., ISO27001, NIST), and regulatory requirements such as SOX, PCI, GDPR, and CCPA**

+ **Aware of existing and upcoming regulatory legislation in order to assess potential impact on the WM compliance programs.**

+ **Project management skills.**

+ **Must be a problem solver and hold strong and practical techniques to move beyond an impasse.**

+ **You must be able to educate people regarding complex policy requirements.**

+ **Must have experience working with systems implementation methodology such as business process design, documentation and execution, conversions, interfaces, reporting, and testing.**

+ **You should have a passion for quality and own the solution, whether it fails or flies.**

+ **Attention to detail.**

+ **Clear and concise written and oral communication skills.**

+ **Ability to communicate with varying levels of an organization.**

+ **Effective organization and time management skills, with ability to multi-task.**

+ **The candidate must have strong communications skills to successfully oversee technical work activities of the team to deliver results. The candidate should have strong experience providing senior leadership briefings and preparing associated content.**

+ **Stay abreast of existing and upcoming regulatory legislation in order to assess potential impact on the WM compliance programs.**

+ **Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives.**

+ **Assist in the implementation of the Company GRC system, policies, standards, and processes.**

+ **Responsible for end to end programs, such as performing testing for targeted compliance audits and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively.**

+ **Validate system requirements, flows, and written procedures through testing and observations, and to ensure regulatory compliance operating procedures and controls**

+ **Have a diverse technical background, professional security credentials, demonstrated**

**Education: Bachelor of Science degree in the field of Computers, Engineering, or Mathematics preferred.**

**Experience: 5-8+ years of audit or compliance experience. Technical Career Pathway (TCP) role. Supervisory: No.**

**Environmental Requirements:This position may be responsible for contributing to AT&T's compliance with environmental laws and regulations as applicable to its job function. This may include, but is not limited to, work related to fuel tanks, emergency and stand-by generators, boilers, hazardous waste, hazardous materials, batteries, manholes and vaults, water wells, linear and other construction projects, water discharge, or air emissions.**
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status.


Posted: 2021-04-07 Expires: 2021-05-07

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior-Technology Security

Chicago, IL 60684

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast