Cybersecurity Operational Risk Analyst

Job Description:

Scripps Networks Interactive, the leader in lifestyle media with top brands such as HGTV, Food Network, and Travel Channel, is searching for an Operational Risk Analyst in Knoxville, Tennessee to join our Cybersecurity and Risk team. In this entry level role reporting to the Director of Operational Risk Management, the analyst will be responsible for planning, organizing and executing enterprise-wide information security and risk management related initiatives and strategies in support of all business units and divisions.

WHAT WILL YOU BE DOING?

  • Act as a highly collaborative partner to all business units and key stakeholders accountable to:
    • Educate on change transformation and strategy execution of a risk-based decision-making
    • Drive information and infrastructure security awareness and governance deep into the organization, aligning with enterprise programs and objectives
    • Develop and report metric scorecards to reflect the level of adoption and compliance to security policies and standards, remediation of vulnerabilities, and residual risks
    • Coordinate with enterprise remediation working groups to align all activities for addressing findings and exceptions
  • Develops goals, plans, and success criteria needed to achieve the vision.
  • Learns and develops expertise performing operational risk & information security assessments and learns information security strategies
  • Translates business needs and regulatory requirements into educate employee and contingent workforce to successfully implement security policies, standards and guidelines
  • Develops training and awareness efforts for employees, contractors and visitors to establish a culture of “shared responsibility” to prevent or mitigate security incidents.
  • Continuously drives improvements to maximize value and effectiveness.
  • Provides cost and service effectiveness transparency to management.

WHAT DO YOU NEED TO HAVE?

  • BS/BA degree or equivalent experience
  • 1 year experience in risk/information security/IT education or awareness.
  • Obtained (or demonstrate an active pursuit of) one or more of the following certifications: CompTIA Security+, GSEC: SANS GIAC Security Essentials, GIAC Information Security Fundamentals (GISF)
    • Knowledge of security frameworks and control objectives (e.g., NIST Cybersecurity Framework, ISO 2700x)
    • Knowledge of Systems Development Life Cycle (SDLC) methodologies with the capacity to assist project teams on how to incorporate security controls in compliance with policies and standards
    • Ability to drive results:
      • Creates value and opportunity by leveraging innovative approaches
      • Achieve strategic goals through operational excellence
      • Personally invests in driving superior results
      • Acts collaboratively with a “shared responsibility” mindset
      • Simplifies complexity wherever possible
    • Incorporates knowledge, finding new and innovative ways to solve security and risk challenges
    • Anticipates new trends and organizational needs
    • Ability to clearly articulate information security fundamentals to management
    • Ability to successfully collaborate with multiple technical functions in the areas of security, infrastructure, technical operations, software engineering and customer support
    • Ability to establish and maintains strong working relationships with groups involved with information security education activities such as the Legal Department, Internal Audit, & HR
    • Comfortable initiating change; consciously managing and shaping change
    • Able to handle the stress related to balancing multiple issues and perspectives
    • Excellent written and verbal communication skills and effectively interact with all levels of management from application developers to executive leadership
    • Planning and organizational skills
    • Knowledge regarding related state, local and federal laws, regulations and proven practices

 

WHAT ARE THE BENEFITS?

  • Full-time position (40 hours/week) with competitive compensation package
  • Eligible for full insurance benefits (medical, vision, dental, prescription)
  • Eligible for retirement benefits (401k+matching+additional funds for age/service)
  • Fantastic paid time off package of 19 days in 1st year (includes vacation, sick and personal days)
    • 9-10 company paid holidays a year on top of that!
  • Industry leading maternity/paternity leave program
  • Tuition Reimbursement Program
  • Identity theft protection, access to legal services and more!

 

WANT TO LEARN MORE?

 

ABOUT SCRIPPS NETWORKS INTERACTIVE

Scripps Networks Interactive is one of the leading global developers of inspiring lifestyle content in the home, food and travel categories for television, Internet and emerging platforms. With powerhouse brands-HGTV, DIY Network, Food Network, Cooking Channel, Food.com, Travel Channel and Great American Country, Scripps Networks engages with millions of passionate consumers in more than 180 countries across the globe. Along with its popular US brands, Scripps’ international reach also extends to TVN, Poland’s multi-platform commercial media company; UKTV, an independent joint venture with BBC Worldwide; lifestyle channel Fine Living and Asian Food Channel in Singapore. For more information, visit http://www.scrippsnetworksinteractive.com.      

Source:https://sni.wd5.myworkdayjobs.com/en-US/ScrippsNetworksInteractiveCareers/job/Knoxville-TN/Cybersecurity-Operational-Risk-Analyst_J101382