Business Information Security Officer
About the Job
Business Unit:
Can you manage multiple complex priorities and competing agendas without express authority over delivery teams?
Are you able to translate the needs of the business into actionable activities for the information security team?
Do you have a track record of successfully overseeing implementation of security programs across the enterprise?
Can you exercise professional skepticism when identifying and assessing risk?
If yes, we want to hear from you!
IN THIS ROLE
Reporting to Comcast's Vice President, Security Solutions Delivery, you will be working with some of the leading security experts as well as leaders of the Comcast Business units. Your job will be to oversee the execution of Information Security Risk Management practices across all Comcast business units. As a trusted advisor, you will need to understand the requirements of the business, find acceptable, cost-effective solutions that meet security goals, and communicate the importance of information security to all levels of the business. In addition, you will ensure the business complies with all Information Security Policies and continuously monitor and report on risks.
WHAT YOU WILL DO
- Oversee the establishment and execution of the Information Security Program within each business
- Oversee the integration of security risks within the enterprise operational risk framework
- Perform annual information security risk assessments; report risks and remediation plans at the business unit level
- Actively participate in the information security incident response process; help shape remediation plans
- Ensure all applications and systems within each business adhere to the Access Management strategy; establish user access logs to monitor critical data access, including PII.
- Build a T&P Security Product and Service catalog and work with the BISO team and the rest of the T&P security team to keep it updated at a bi-annual cadence.
- Review and provide input into the Information Security Policy and Standards
- Establish reporting on the state and efficacy of security controls for the business units
- Ensure clear lines of communication between Business Units and the security team
- Secure ongoing funding for special/complex security projects
- Evangelize security awareness across the business
WHAT SUCCESS LOOKS LIKE
- Increased levels of security across designated Business Unit AMB
- Improved compliance with security standards and policies across Business Unit teams AMB
- Greater awareness of information security and data privacy requirements (globally)
- Adoption of Enterprise Information Security Standards throughout the business environment
WHAT YOU SHOULD POSSESS
- Ability to interpret and apply policies and regulations across a large, complex business
- Analytical aptitude, investigative and critical questioning nature; data-driven decision making skills
- Excellent interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
- Project management experience
- Strong understanding of audit/risk management methodologies and regulatory requirements for information security, privacy and data security
- CISSP, CISM, GIAC, OSCP or other relevant security certifications
WHAT YOU CAN EXPECT
- A cool and casual work environment where you will sharpen and showcase your skills within a team focused on beating cyber criminals
- A place that values results and teamwork, mentors our people, and supports individuals as they pave their own way to success
- A culture of continuous learning and innovation with formal and informal learning and growth opportunities
WHAT WE REQUIRE
- Bachelor's Degree or equivalent experience
- 6-9 years of information technology, IT project/program management, or cyber security related experience.
- Ability to travel as needed.
- Discipline to handle confidential matters with appropriate sensitivity
- Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) as necessary.
OTHER RESPONSIBILITIES
- Other duties and responsibilities as assigned
Comcast is an EOE/Veterans/Disabled/LGBT employer