The Job
The IT Security Risk Analyst Vendor Risk Mgmt. will support the assessment of information security risks across all of Warner Bros. Discovery’s (WBD’s) third party suppliers/vendors.  This role requires the ability to understand and assess information security risks posed by third parties and clearly communicate those risks to the business.  It will apply global IT industry best practices to ensure WBD uses third party information security risk management to foster business-enabling insights.

RISK ASSESSMENTS

• Use WBD processes and tools to perform 3rd party vendor risk assessments, for new and existing vendors
• Work with business to understand the “what” and “how” of services provided by vendor to assess level of risk and scope of assessment
• Perform timely assessments of Vendor controls to identify, document, and communicate key deficiencies to the business and Information Security management
• Report on assessment outcomes, risk level and associated recommendations to remediate issues

• Assist with follow-up on documentation requests for initial and periodic assessments

FINDINGS MANAGEMENT

• Monitor corrective action plans against agreed upon timelines
• Review remediation evidence for closure of findings

CONTRACT REVIEWS

• Review contracts to ensure appropriate data security terms are included
• Provide comment and acceptable alternatives to vendor contract revisions, in alignment with defined guidance
• Escalate provision changes, as needed

The Essentials

• BS/BA degree required
• 3-5 years’ experience in information security, with at least one (1) year experience in third party risk management
• Knowledge of IP network infrastructure (firewalls, intrusion detection/prevention), access control, data encryption and physical security; Cloud security knowledge a plus
• Excellent communication skills, including the ability to communicate effectively in English, both written and verbal
• Ability to present complex topics in clear, non-technical language
• Detail-oriented individual with critical thinking, analytical, and problem-solving skills
• Demonstrated ability to be proactive and take ownership of and solve problems
• Active learner - able to enhance personal, professional, and business growth through new knowledge and experiences
• Ability to handle multiple assignments concurrently within an iterative environment