Executive Director, IT Security And Compliance (Sn1000593)

Starz Englewood , CO 80110

Posted 3 months ago

The Executive Director, IT Security and Compliance, is responsible for establishing and maintaining the information security program to ensure that Starz information assets and associated technology, applications, systems, infrastructure, and processes are adequately protected. The Executive Director is responsible for identifying, evaluating and reporting on legal and cybersecurity risks to information assets, while supporting and advancing business objectives. This includes securing Starz programming content and the partner ecosystem that supports production.

The Executive Director will be responsible for implementing and running the enterprise information security program. He/she will proactively work with Starz functional departments and partners to implement practices that meet agreed-on policies and standards for information security. He/she will oversee a variety of cybersecurity and risk management activities related to IT to ensure the achievement of business outcomes.

The Executive Director must be knowledgeable about Starz internal and external business environments, ensure that information systems are maintained in a fully functional and secure mode, and are compliant with legal, regulatory and contractual obligations. This position reports to the Sr. Vice President, IT Services.


  • Lead the information security function across Starz to ensure consistent and high-quality information security management in support of the business goals. Serve as a primary point of contact to all functional areas to ensure consistent application of policies and standards across all technology projects, systems and services, including privacy, risk management, compliance and business continuity management.

  • Serve as the security, privacy and compliance lead for Starz. This role is the Point of Contact (PoC) for all security and privacy efforts within the organization, including Governance, Risk and Compliance, Application Security, Identity and Access Management, Security Operations Management and Audit. This role also serves as a liaison to Lionsgate IT Security.

  • Maintain and update the security management and controls framework, based on an industry framework, such as National Institute of Standards and Technology (NIST), CoBIT and/or Center for Internet Security (CIS).

  • Develop a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the information security. Provide regular reporting to management.

  • Manage the budget for the information security function.

  • Manage a team of IT Security professionals. This includes hiring, training, staff development, performance management and annual performance reviews.

  • Ensure that security is embedded in the project delivery process by providing the appropriate information security policies, practices and guidelines.

  • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.

  • Oversee the Security Incident Response plan and procedures to ensure that business- critical services are recovered in the event of a security event; provide direction, support and in-house consulting in these areas.

  • Liaise with external agencies, such as the FBI, law enforcement and other advisory bodies, as necessary, to ensure that the organization maintains a strong security posture and is kept well-abreast of the relevant threats identified by these agencies.

  • Create a risk-based process for the assessment and mitigation of any information security risk, consisting of supply chain partners, vendors, consumers and any other third parties. Work effectively with business units to facilitate information security risk assessment and risk management processes.

  • Work with Legal and Procurement to ensure that information security requirements are included in contracts.

  • Manage the information security awareness training program for all employees, contractors and Production staff.

Required Skills

  • Minimum of seven to 10 years of experience in a combination of IT Security and IT Services. At least five years should be at a senior leadership leve CISM and/or CISSP strongly preferred.

  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical audiences

  • Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs in a dynamic business environment

  • Poise and ability to act calmly and competently in high-pressure, high-stress situations

  • Must be a critical thinker, with strong problem-solving skills

  • Strong knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes-Oxley (SOX) and General Data Protection Regulation (GDPR). Strong knowledge and understanding of security frameworks, including National Institute of Standards and Technology (NIST), CoBIT, Center for Internet Security (CIS) and ITIL.

  • Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives

  • Ability to lead and motivate the information security team to achieve tactical and strategic goals, even when only "dotted line" reporting lines exist.

  • Experience with contract and vendor negotiations

  • High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity

STARZ (www.starz.com), a Lionsgate company (NYSE: LGF.A, LGF.B), is a leading global media and entertainment company that provides premium subscription video programming on domestic U.S. pay television networks and produces and distributes content for worldwide audiences, including its investment in the STARZ PLAY Arabia OTT service.

STARZ is the ultimate destination for obsessable TV, movies and more. Characters who pull you in and stories that stay with you. From bold Original Series to the best movies, whatever you love, STARZ ignites your passions.

STARZ offers a competitive compensation package and an attractive benefits program to all eligible employees including a variety of healthcare plans, dental and vision insurance, 401k, life/disability insurance. Eligible employees will enjoy paid time off in the form of vacation and company holidays.

STARZ is an Equal Opportunity Employer. This means that all applicants will receive consideration for employment regardless of gender, age, race, national origin, disability, color, religion, sexual orientation, gender identity and/or expression, veteran status, or any other characteristic protected by federal, state or local law. In addition, STARZ will provide reasonable accommodations for qualified individuals with disabilities.

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Assoc Director Corporate Security

Cognizant Technology Solutions

Posted 2 weeks ago

VIEW JOBS 11/28/2018 12:00:00 AM 2019-02-26T00:00 Associate Director, Corporate Security Description This position's scope is focused on the Cybersecurity Oversight and Governance for related services within Cognizant Healthcare. Cognizant Healthcare solutions reach 250,000 care providers, streamline processes for more than 350 payers and touch over half the U.S. insured population. Cognizant requires a Security Leader to help develop and execute the Security Program for one of our Cognizant Healthcare solutions. The Associate Director –GRC/IRM supports strategic and technical initiatives, including performance of operational risk assessments, managing risk acceptance activities, developing annual risk posture and remediation recommendation report, and completion verification reviews of security projects and initiatives. This position will have responsibility for governance integration for this solution. Candidates will have a proven ability to infuse innovation and creativity into tactical and strategic planning with a focus on exceptional customer service. The Individual will execute, drive enhancements and strategic initiatives, and track projects. Key Responsibilities include: * Serve as a leader for a specific Healthcare account for Governance, Risk, and Compliance, spanning across all functions. * Execute policies, standards and procedures specific set by enterprise standards and account specific standards as they apply to Security Governance, Risk, and Compliance requirements. * Sustains and improves the Security Governance, Risk, and Compliance program through discussion and collaboration with account team and Corporate Security leaders. * Ensure the production and improvement of the content, quality, and timing of security governance, risk and compliance analysis and reporting. * Manage and Lead Security Compliance Education and Awareness activities to ensure all associates understand, acknowledge and ultimately fulfill their responsibilities as defined in Cognizant. * Conduct regular project reviews and accurately communicates the status of projects in both formal and informal settings throughout project lifecycle. * Lead and execute security compliance reviews of master service agreements and advise business team regarding gaps and corresponding mitigation requirements * Assist in leading the Cyber Security risk assessment program for Cognizant Healthcare. * Assist in leading risk assessment activities coordinating with the security team, Senior Leadership, vendors, and contractors. * Serve as an expert advisor in the development, implementation, and maintenance of a company-wide information security policy and control framework. * Provide process improvement support in the functional area of Governance, Risk and Compliance. * Provide periodic analysis of corporate risk position, based on analysis of current controls status and current cyber threat landscape. * Assist in maintaining corporate risk register. * Assist in the development, configuration, and implementation of GRC toolsets. * Collect evidence of project completions and maintain program records. * Monitor developments in the information security industry including vendor strategies and communicate on the potential impact on or applicability to the organization. * Promote security culture and drive continuous security improvements. Ensure technical and operational security controls are incorporated into new systems and applications through participation in planning groups and the review of new systems, installations, and other major changes. * Provide advice and assistance to internal team and external entities (subcontractors, contractors and vendors) concerning the security of information and critical data processing capabilities. * Interpret HIPAA and HITRUST controls and properly apply the specifications across the operational responsibilities to help build cost-effective, scalable security controls and infrastructure to sustain certification levels across the enterprise. * Encourage new ways of thinking and performing activities while creating a team environment where members embrace change and adopt new practices. * Build rapport, credibility, and cohesion across all business unit teams and IT teams in the course of leading the projects. * Engages with and participates with cross-functional independent representations of management to ensure appropriate oversight and governance of the security program. * Ensures that assessment functions periodically review key programs related to information protection to obtain independent assessments of the security program effectiveness. * Periodically reports progress to management, and assesses and measures results related to Information Security activities. Cognizant US Corporation is an Equal Opportunity Employer Minority/Female/Disability/Veteran. If you require accessibility assistance applying for open positions in the US, please send an email with your request to CareersNA2@cognizant.com Qualifications Candidate must possess the following: * 10-15 years of combined experience between IT Security Governance and various Cyber Security disciplines. * 3-5 years of previous client facing and advisory experience required. Big4 IT risk management consulting experience a plus. * 5-7 years of experience in a Cyber Security or Risk Advisory role for regulated environments. * In depth knowledge in at least two of the following: HIPAA regulatory requirements, ISO27001 and ISO27002, NIST 800-53, HITRUST/NIST CSF (other regulatory experience may be considered). * Previous people management experience a plus. * Ability to create professional presentations using MS Office (Outlook, Excel, PowerPoint, and Word). * Project management skills with an ability to achieve results. * Bachelor's Degree in Computer Science, Engineering or related field desired. * CISM, CRISC, CISA, CISSP, or other relevant information security industry recognized certification required. About Cognizant Cognizant (NASDAQ-100: CTSH) is one of the world's leading professional services companies, transforming clients' business, operating and technology models for the digital era. Our unique industry-based, consultative approach helps clients envision, build and run more innovative and efficient businesses. Headquartered in the U.S., Cognizant is ranked 205 on the Fortune 500 and is consistently listed among the most admired companies in the world. Learn how Cognizant helps clients lead with digital at http://www.cognizant.com/or follow us on Twitter:USJobsCognizant. Cognizant is recognized as a Military Friendly Employer and is a coalition member of the Veteran Jobs Mission. Our Cognizant Veterans Network assist Veterans in building and growing a career at Cognizant that allows them to leverage the leadership, loyalty, integrity, and commitment to excellence instilled in them through participation in military service. Job Application Development / Application Maintenance Primary Location United States – Can be remote. Employee Status Permanent Schedule Full-time Job Type Standard Job Level Individual Contributor Travel <25%</FONT> Cognizant Technology Solutions Englewood CO

Executive Director, IT Security And Compliance (Sn1000593)