NBCUniversal

Director, Cyber Governance and Controls

NBCUniversal

full-time

Posted on:

Location Type: Remote

Location: Remote • New Jersey • 🇺🇸 United States

Visit company website
AI Apply
Apply

Salary

💰 $155,000 - $200,000 per year

Job Level

Lead

Tech Stack

AWSCloudCyber SecurityRPA

About the role

  • Lead Governance, Controls, and Vendor management teams in partnership with Risk Management and Compliance
  • Engage cyber platforms and enterprise engineering teams to align security tooling and baseline configurations with controls and policy
  • Engage cyber Information Security Officers and security managers, to help translate policy and enable business functions
  • Serve as the primary contact and subject matter expert for NBCU policies, controls, and vendor management
  • Build partnerships with Enterprise Technology, Legal, and Procurement to strengthen our comprehensive approach to 3rd parties.
  • Direct teams to document, communicate and enforce security improvements that balance risk with business operations and ensure controls do not weaken efficiencies or business innovation.
  • Escalate identified vendor issues and gaps that may place the business at risk.
  • Manage strategy and operation for the vendor risk management lifecycle from inception through termination.
  • Define key performance indicators and key risk indicators and include them when reporting to cybersecurity and risk management leadership.
  • Use advanced technologies—e.g., robotic process automation and AI/machine learning—to improve operation.
  • Support risk assessments of vendor technologies
  • Document, communicate, and enforce cybersecurity standards that balance risk with business operations
  • Deliver monthly reporting to leadership, aligning with organizational objectives and team directives
  • Support audit and compliance activities to help secure the enterprise by documenting the approach, necessary controls, gathering supporting evidence, provide requirements to health/hygiene dashboards
  • Give and receive constructive feedback in a team environment, fostering a culture of continual improvement and excellence
  • Demonstrate Strong written/verbal communication and presentation skills with the ability to tailor to both technical, and non-technical audiences

Requirements

  • Bachelor’s Degree in an IT-related field and/or equivalent work experience.
  • 8+ years of experience in GRC, including roles in security analysis, compliance and risk management.
  • Exposure to cloud providers (AWS, Google, Microsoft) and security configuration and management preferred.
  • Wide-ranging knowledge in technical infrastructure and applications, from legacy through next generation.
  • Knowledge of GRC for cloud computing, including validation of security configurations, resiliency and data protection.
  • Versed in vulnerability management; emerging threats; insider risk; resiliency; and attacker tactics, techniques and procedures.
  • Working knowledge of network protocols, web application architecture, and common vulnerabilities.
  • Experience working with external vendors and internal technical teams.
  • Excellent organizational, communication, and documentation skills.
  • Ability to manage multiple concurrent projects and deadlines.
  • Engage in learning constantly; actively experimenting and working with new technologies with quick instincts for picking up and developing expertise in new problem domains
  • Knowledge of best practices in the Cyber Security industry, including OWASP Top 10 and CWE/SANS Top 25.
  • Excellent time management skills to appropriately prioritize multiple concurrent projects.
Benefits
  • Medical insurance
  • Dental insurance
  • Vision insurance
  • 401(k)
  • Paid leave
  • Tuition reimbursement
  • Variety of discounts and perks

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
GRCsecurity analysiscompliancerisk managementvulnerability managementnetwork protocolsweb application architecturecloud computingrobotic process automationAI/machine learning
Soft skills
communication skillsorganizational skillsdocumentation skillstime managementteam collaborationconstructive feedbackpresentation skillsproject managementadaptabilityproblem-solving