25 days old

Sr. Third Party Data Security Analyst

Discovery Inc
Sterling, VA 20164
Apply Now
Apply on the Company Site
  • Job Code
    125455509
Discovery Inc

Location: Sterling, Virginia, United States, Req ID: 946

Discovery hires the very best and brightest talent who are enthusiastic and passionate to fulfill the company's mission of empowering people to explore their world and satisfy their curiosity.

In exchange for their talent and drive, employees are provided with an engaging, diverse workplace and the resources they need to learn, thrive and grow in their careers.

Overview

Reporting directly to the Director, Information Security Risk Management, the Senior Third Party Data Security Analyst will support the assessment of third party risks. Assists in ensuring overall adherence to information security policy and standards and implementation of best practices by third parties with whom Discovery engages. Responsibilities will include business-as-usual delivery on risk assessments, contract reviews, consultation, and leading process improvement efforts.

In addition, this role will support activities related to managing Discovery's Data Security Program, with a primary focus on privacy. The Analyst is a technology and process focused security professional with an understanding of data protection threats and mitigating controls. They will support the Information Security Data Security Team's interaction with Discovery's Privacy Office and business stakeholders to develop, enhance, and govern the global data protection program; reviewing, assessing, and recommending policy and technical controls to ensure Discovery's Data Security Program is effective.

This role requires the ability to understand and assess information security risks posed and clearly communicate those risks to the business. It will apply global IT industry best practices to ensure Discovery uses information security risk management to foster business-enabling insights.


Responsiblities

  • Work with business to understand services provided by vendor, define scope of assessment and associated risks
  • Assess Vendor controls to identify, document, and clearly communicate key deficiencies to the business with non-technical speak
  • Coordinate across Information Security teams to incorporate technical reviews into overall assessments
  • Report on assessment outcomes, risk level and associated recommendations to remediate issues
  • Monitor corrective action plans against agreed upon timelines and actions and review evidence for closure
  • Review contracts to ensure appropriate data security terms, aligned with Discovery policies and standards, are included
  • Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure
  • Support data security initiatives across both InfoSec Department and Privacy Office
  • Proactively recognize potential data security and compliance issues through review and analysis
  • Coordinate with business and IT teams, as a SME/InfoSec liaison, supporting data security initiatives
  • Assist in implementing and maintaining a tool(s) to manage risk assessments
  • Contribute to the team's continuous improvement efforts by identifying opportunities and leading implementation
  • Support reporting and analytics functions to drive value-add metrics that highlight breakdowns of third party information security risk, team productivity, and identify opportunities for process improvement
  • Assist in documenting and maintaining operating procedures


Requirements

  • 5-7 year's experience in information security, third party risk management and/or privacy
  • Ability to identify, and assess IT security controls against Discovery policies and standards and identify and communicate gaps
  • Comprehensive knowledge of third-party risk concepts and experience in performing vendor risk assessments
  • Strong understanding of privacy compliance programs (e.g., General Data Protection Regulation, California Consumer Privacy Act)
  • Ability to work collaboratively as part of a team, and across both business and technology functions
  • Proven record of leveraging real-world experiences to identify process improvements and drive their implementation
  • Detail-oriented individual with critical thinking, analytical, and problem solving skills
  • Demonstrated ability to interact, build relationships, and communicate well with members of team and management
  • Excellent communication skills, including the ability to present complex topics in clear, non-technical language; outstanding analytical, writing, and oral presentation skills
  • Demonstrated ability to manage multiple tasks concurrently, be proactive, take ownership of and solve problems, and to deliver work products which are consistent with sound and ethical business practices, and common sense;
  • Active learner - able to enhance personal, professional, and business growth through new knowledge and experiences
  • Team-player with a "can do" attitude, capable of providing support to junior members of the team
  • Must have legal right to work in the United States


Discovery Communications, Inc. is an equal opportunity employer. Discovery is committed to being an employer of choice, not just a good place to work, but a great and inclusive place to work. To that end, we strive to recruit and maintain a workforce that meaningfully represents the diverse and culturally rich communities that we serve. Qualified applicants will receive consideration for employment without regard to their race, color, religion, national origin, sex, sexual orientation, gender identity, protected veteran status or disabled status or, genetic information.

We will consider for employment all qualified applicants, including those with criminal histories, in a manner consistent with the requirements of applicable state and local laws, including but not limited to all local Fair Chance Ordinances.

EEO is the Law
Pay Transparency Policy Statement
California Job Applicant Privacy Policy

If you are an individual with a disability and need an accommodation during the application process, please send an email request to [email protected]



PI125455509
Posted: 2020-10-30 Expires: 2020-12-01

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr. Third Party Data Security Analyst

Discovery Inc
Sterling, VA 20164

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast