Manager, IT Security GRC

Summary of Position

The Manager of IT Security GRC (Governance, Risk and Compliance) is responsible for aligning IT Security with business goals, while managing risks and meeting all industry and government regulations. The incumbent in this role is the primary point of contact and interface between IT and both Internal/External Audit. This position requires a seasoned security professional with a deep understanding of cyber security practices, audit and compliance processes and regulations, as well as excellent people and communications skills.

Responsibilities

• Assist the CISO in developing and implementing policies, procedures, and controls that ensure compliance with laws, regulations, and industry best practices.
• Perform security risk assessments to identify gaps, come up with recommendations for remediations, and work with the Security Team to plan projects to close the gaps.
• Scheduling and orchestrating internal tabletop exercise for various scenarios such as disasters, cyber attacks and system outages.
• Leadership role in the SOX Audit effort required from IT Security by working with Internal/External Audit to gather compliance evidence and work though any potential issues.
• Leadership role in the development and updating of Lionsgate departmental Business Continuity Plans.
• Development of periodic reports for the Audit Committee of the Board, the SEC and Cyber Insurance.
• Working with Lionsgate business units to implement data governance across the enterprise, including the development of data classification and data protection strategies.
• Participation in other security projects and duties as assigned by the CISO.
• Assist in Incident Response and day-to-day Security Operations.

Qualifications and Skills

• 5-7 years of experience working various IT and Security Control frameworks (PCI, HITRUST, ISO, NIST, CIS, CSA, and etc...)
• 3-5 years of experience working in an IT or Security Audit function. Media & Entertainment Industry experience is a big plus
• Strong understanding of relevant laws, regulations, and industry standards such as CCPA, GDPR and SEC guidelines
• Experience performing internal audits and interfacing external security audits like SOX
• Excellent analytical and problem-solving skills
• Strong communication and interpersonal skills
• Proven ability to work in a fast-paced environment with multiple priorities that require strong project management, prioritization and decision-making capabilities
• Ability to work independently and as part of a team
• Ability to develop and implement policies, procedures, and controls
• Strong understanding of Risk Management principles
• Bachelor's degree in information technology, business administration, or a related field, or specific domain experience in lieu of a degree
• Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA), or the commitment to gain such a certification within the first 12 months of employment

Nice to Haves

• Expertise in enterprise data classification, data protection and data loss prevention
• Strong program management and a track record of delivering programs and initiatives in line with enterprise objectives and on tight timelines
• Experienced with Security incident response and remediation efforts
• Ability to think clearly and remain focused in crisis situations

Our Benefits

• Full Coverage – Medical, Vision, and Dental
• Work/Life Balance – generous sick days, vacation days, holidays, and Impact Day
• 401(k) company matching

Compensation

$125,000 - $130,000

EEO Statement

Lionsgate is an equal employment opportunity employer. All employees and applicants are evaluated on the basis of their qualifications, consistent with applicable state and federal laws. In addition, Lionsgate will provide reasonable accommodations for qualified individuals with disabilities. Lionsgate will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable state and federal law.