Empleo de IT Security Analyst, Vendor Risk Mgmt en Miguel Hidalgo, Ciudad de México - Vacante 104123 - MX

Publicado hace más de 30 días.

IT Security Analyst, Vendor Risk Mgmt en Warner Bros. Discovery

Sueldo oculto

Ciudad de México

Empleado de tiempo completo

Inglés: Nivel Avanzado

The Job
The IT Security Risk Analyst Vendor Risk Mgmt. will support the assessment of information security risks across all of Warner Bros. Discovery’s (WBD’s) third party suppliers/vendors.  This role requires the ability to understand and assess information security risks posed by third parties and clearly communicate those risks to the business.  It will apply global IT industry best practices to ensure WBD uses third party information security risk management to foster business-enabling insights.


RISK ASSESSMENTS

  • Use WBD processes and tools to perform 3rd party vendor risk assessments, for new and existing vendors
  • Work with business to understand the “what” and “how” of services provided by vendor to assess level of risk and scope of assessment
  • Perform timely assessments of Vendor controls to identify, document, and communicate key deficiencies to the business and Information Security management
  • Report on assessment outcomes, risk level and associated recommendations to remediate issues
  • Assist with follow-up on documentation requests for initial and periodic assessments

FINDINGS MANAGEMENT

  • Monitor corrective action plans against agreed upon timelines
  • Review remediation evidence for closure of findings

CONTRACT REVIEWS

  • Review contracts to ensure appropriate data security terms are included
  • Provide comment and acceptable alternatives to vendor contract revisions, in alignment with defined guidance
  • Escalate provision changes, as needed


The Essentials

  • BS/BA degree required
  • 3-5 years’ experience in information security, with at least one (1) year experience in third party risk management
  • Knowledge of IP network infrastructure (firewalls, intrusion detection/prevention), access control, data encryption and physical security; Cloud security knowledge a plus
  • Excellent communication skills, including the ability to communicate effectively in English, both written and verbal
  • Ability to present complex topics in clear, non-technical language
  • Detail-oriented individual with critical thinking, analytical, and problem-solving skills
  • Demonstrated ability to be proactive and take ownership of and solve problems
  • Active learner - able to enhance personal, professional, and business growth through new knowledge and experiences
  • Ability to handle multiple assignments concurrently within an iterative environment