**This position can be located either in our Englewood Cliffs, NJ or Los Angeles, CA offices!
The Information Security Operations Manager, Consumer and Retail Operations will provide day-to-day input to a team of information security personnel responsible for all aspects of Information Security in the company’s Consumer facing and retail operations. This position will be focused on guiding and enforcing policy and defining security processes across the NBCUniversal business entities that engage in a direct-to-consumer business model.
Working closely with the Chief Information Security Officer, the successful candidate will be responsible for participating in the following activities:
1. Oversee the design, implementation and maintenance of information security controls for NBCU business interests in the Universal Studios theme parks and NBCU retail operations.
2. Manage the security function of the consumer-facing businesses. Identify risks and system needs, perform threat assessment of identified vulnerabilities, define solutions and set standards, establish security policies and procedures.
3. Maintain ownership of development, compliance and exceptions to established policy.
4. Provide active leadership for incident response and crisis situations. Develop and expand the capabilities of the response program and process.
5. Participate in enterprise Design Review sessions.
6. Perform R&D for security-specific technologies.
7. Work with other team members on policy compliance efforts in accordance with NBC Universal, industry regulations (PCI, HIPAA, SOX) and guidelines set forth by federal and local laws as applicable.
The Information Security Operations Manager, Consumer and Retail Operations must be proficient in a wide range of technologies and be passionate about reducing IT risk and protecting the environment, employees and company assets in all forms.
Qualifications / Requirements:
- Minimum 6 years combined experience in IT Infrastructure, networking and security.
- Minimum 4 years working with Internet, web and networking technologies in both Unix and Microsoft environments.
- Minimum 4 years working in a multi-dimensional program environment involving complex technologies and geographically disparate businesses.
- Minimum 3 years working with security technologies including IDS/IPS, PKI, digital certificates, encryption and authentication techniques.
- Minimum 2 years working in a highly regulated environment; first person experience with Payment Card Industry (PCI) Data Security Standard (DSS) enforcement required,
- Degree in Computer Science or equivalent field of study
- Training in Information Security-specific disciplines
- CISM, CISSP or SSCP certification
- Six Sigma trained; Green or Black belt certification
- Experience in large global environments spanning multiple time-zones
- Solid understanding of, and ability to speak authoritatively to, security principles such as authentication/authorization, access control, and forensic analysis.
- Demonstrated interpersonal, analytical, organizational, written and verbal communication skills.
- Demonstrated ability to communicate to all levels of an organization.
- Demonstrated knowledge of recognized IT Security-related standards and technologies.
- 22 months ago - save job