Security Engineer (L5) - Governance and Assurance

3 Months ago • All levels • Cyber Security • $100,000 PA - $720,000 PA

Job Summary

Job Description

Netflix seeks a second-line Enterprise Governance and Assurance Engineer (L5) to support its continued growth and innovation while mitigating existential risks. Responsibilities include designing and implementing automation for partner trust and SOX processes; designing security controls and risk assessment frameworks; developing policies and compliance programs; evaluating risks; creating reporting metrics; leading cross-functional projects; documenting assurance failures; integrating GRC systems; and serving as a policy and control alignment expert. The ideal candidate is a GRC generalist with experience in security, risk, governance, audit, and compliance, ideally with understanding of studio and content development. This role requires strong technical writing, critical thinking, and the ability to influence business partners and mentor other teams.
Must have:
  • SOX compliance expertise
  • GRC generalist experience
  • Automation design & implementation
  • Risk assessment & policy development
  • Strong technical writing & critical thinking
  • Cross-functional project leadership
Good to have:
  • Studio/content development understanding
  • Experience with NIST CSF 2.0, ISO 27001, PCI DSS
  • International standards experience (GDPR, NIS-2, etc.)
  • Audit experience
Perks:
  • Comprehensive health plans
  • Mental health support
  • 401(k) retirement plan with employer match
  • Stock option program
  • Disability programs
  • Flexible time off
  • Paid leave of absence programs

Job Details

Netflix is one of the world's leading entertainment services, with 283 million paid memberships in over 190 countries enjoying TV series, films and games across a wide variety of genres and languages. Members can play, pause and resume watching as much as they want, anytime, anywhere, and can change their plans at any time.

Netflix is seeking a second-line Enterprise Governance and Assurance Engineer (L5). The ideal person will be a strong Governance, Risk, and Compliance (GRC) generalist with a deep passion for governance. We seek a problem-solver with a comprehensive understanding of the regulatory landscape and cloud technologies. Experience in security, risk, governance, audit, process excellence, and compliance is mandatory; an understanding of studio and content development is a plus.

The Team

The Enterprise Governance & Assurance organization is responsible for helping Netflix take the appropriate security and technology risks to support continued growth and rapid innovation while protecting the company from existential harm. This role sits in our Governance, Compliance, and Engineering team and supports the business in improving decision-making by understanding our risks.

Key Responsibilities:

  • Design and implement automation for partner trust, assurance, compliance, and regulatory activities, especially for SOX processes. Design and oversee security controls, risk assessment frameworks, policy development, and compliance programs.

  • Evaluate risks and develop security standards, procedures, guidelines, and policies for information and data governance in collaboration with the business areas.

  • Develop reporting metrics, dashboards, and evidence artifacts demonstrating the value of governance. 

  • Create, optimize, and support cross-functional working groups and projects to enhance the efficacy and effectiveness of policy and guidance across the organization.

  • Document and report assurance failures, inconsistencies, and gaps to stakeholders.

  • Integrate GRC systems with cross-functional stakeholder systems to ensure accuracy and consistency. 

  • Be the subject matter expert for policy development and control alignment. 

  • Enterprise risk management and business continuity experience is helpful.

In your day-to-day, you will need to exercise sound judgment, curiosity, and flexibility in making trade-offs between short- versus long-term security and business goals. You will demonstrate resilience and navigate difficult situations with composure and tact to achieve a great outcome for the business. You will succeed in this role by regularly analyzing your performance with a critical eye. A broad understanding of the Netflix business and its partnerships is required. This position will also provide training, advice, and mentorship to other teams throughout Netflix on the value of governance.

What You'll Bring:

  • Strong technical writing and critical thinking skills grounded in enterprise governance principles, quantitative risk analysis, and meeting people where they are with an eye toward maturing the governance program. 

  • Data (including metadata), information (throughout its lifecycle), identity, and privacy governance skills and knowledge required.

  • Well-versed in SOX compliance regulations, specifically control design for user access review automation and integration of various tools and applications.

  • Expertise with frameworks such as NIST CSF 2.0, ISO 27001, PCI DSS, etc.

  • Experience with international standards (GDPR, NIS-2, Cyber Resilience Act, K-ISMS (Korea)).

  • Audit experience is a significant advantage. Additional qualities include careful consideration of control design, optimization of effective controls to meet control objectives, and achieving compliance as a byproduct of well-designed control implementation and assurance monitoring.

  • Ability to influence and lead business partners and supporting teams.

  • Resilience and composure in navigating difficult situations.

  • An eagerness to gain a comprehensive understanding of Netflix's business and partnerships. We seek someone well-versed in risk appetite/tolerance and how it can be adapted for different tolerances in different parts of the business while still meeting control objectives.

  • Ability to provide training, advice, and mentorship to other teams.

Cultural attributes:

  • Ability to align with Netflix's unique culture.

  • Document compliance that satisfies regulators, brings consistency to procedures/guidance, and meets people where they are, while living Netflix’s culture principles of “context not control” and “guardrails not rules.”  

Compensation:

Generally, our compensation structure consists solely of an annual salary; we do not have bonuses. You choose each year how much of your compensation you want in salary versus stock options. To determine your personal top-of-market compensation, we rely on market indicators and consider your specific job family, background, skills, and experience to determine your compensation in the market range. The range for this role is $100,000 - $720,000.

Benefits:

Netflix provides comprehensive benefits including Health Plans, Mental Health support, a 401(k) Retirement Plan with employer match, Stock Option Program, Disability Programs, Health Savings and Flexible Spending Accounts, Family-forming benefits, and Life and Serious Injury Benefits. We also offer paid leave of absence programs. Full-time hourly employees accrue 35 days annually for paid time off to be used for vacation, holidays, and sick paid time off. Full-time salaried employees are immediately entitled to flexible time off.

Culture: 

Netflix is a unique culture and environment.

We are an equal-opportunity employer and celebrate diversity, recognizing that diversity of thought and background builds stronger teams. We approach diversity and inclusion seriously and thoughtfully. We do not discriminate on the basis of race, religion, color, ancestry, national origin, caste, sex, sexual orientation, gender, gender identity or expression, age, disability, medical condition, pregnancy, genetic makeup, marital status, or military service.

is a Netflix value and we strive to host a meaningful interview experience for all candidates. If you want an accommodation/adjustment for a disability or any other reason during the hiring process, please send a request to your recruiting partner.

Job is open for no less than 7 days and will be removed when the position is filled.

About The Company

Netflix is one of the world's leading entertainment services with over 247 million paid memberships in over 190 countries enjoying TV series, films and games across a wide variety of genres and languages. Members can play, pause and resume watching as much as they want, anytime, anywhere, and can change their plans at any time.
