At the NBA, we’re passionate about growing and celebrating the game of basketball. Through the intensity of the game and the amazing athletic skill of our players, we deliver excitement to hundreds of millions of fans around the world.
As a global sports and media business, the NBA is so much more. While Basketball Operations runs the league’s on-court activities, other departments manage relationships with television and digital media partners, develop marketing partnerships with some of the world’s most recognizable companies, oversee the licensing of NBA merchandise, and handle a wide range of responsibilities that drive the NBA’s success.
The NBA is a global sports and media business built around three professional sports leagues: the National Basketball Association, the Women’s National Basketball Association, and the NBA G League. Named as one of the top 10 most Innovative Companies by FastCompany, the NBA continues to grow rapidly in popularity and scale across the globe – and technology is a key ingredient in supporting our ambitious goals. The league has established a major international presence with games and programming in 215 countries and territories in 49 languages, and NBA merchandise for sale in more than 125,000 stores in 100 countries on 6 continents.
NBA Digital’s assets include NBA TV, NBA.com, NBA App and NBA LEAGUE PASS.
As a Cybersecurity Data Protection Analyst, you would be promoting, formalizing and strengthening the strategic data protection roadmap by working with the stakeholders. In this role, you will lead by example and earn the trust of the internal teams and senior management. You would be working on implementing intelligent, risk-based practices that protect the Confidentiality, Integrity, and Availability of the NBA’s and our customer’s data.
The Cybersecurity Data Protection Analyst is expected to lead through influence, communicate effectively through clarity of thought and demonstrate an understanding of technical requirements.
Identifying and documenting the key drivers for data protection strategy, including business needs, threats, and operational usability issues
Identifying and documenting the services and systems needed to enable data protection concept across all environments
Manage functional and non-functional requirements for product selection and deployment
Determining target state controls to measure coverage and effectiveness
Working with vendors and engineering to define implementation stages and dependencies
Advocating for the changes (operational, technical, people) that need to occur to achieve the target state
Manage monthly data protection governance meetings
Establish and improve KPIs, and trend analysis for data protection functions
Manage the development and publishing of the periodic Data Protection metrics & reports
Maintain program procedures and supporting documents, ensuring that procedure documents remain current
Follow up on data protection alerts with business users and systems owners
Drive awareness of regulatory (i.e., GDPR) and controls obligations and ensures timeliness of response
Perform data mapping, DPIA, and other applicable GDPR assessments
Also, you will work across the technology groups to:
Facilitate the adoption of data protection requirements within projects
Ensure adherence to applicable/established data protection controls
Identifying control and usability deficiencies
Partner with developers and other stakeholders to produce repeatable and measurable results
Exposure to national and international laws, regulations, policies and ethics related to Cybersecurity
At least two years of experience working with a group delivering data protection solutions for adoption by diverse consumers across an enterprise
Five or more years of multifunctional technical expertise in two (or more) of the following technology areas: Data Security, Access Control, Infrastructure Security, Endpoint/Platform Security, Security Analytics, Automated Configuration Management or System Administration
Experience with programming or writing technical scripts
Knowledge in Cybersecurity practices, operations, risk management processes, principles, architectural requirements, engineering and threats, and vulnerabilities, including incident response methodologies, tactics, and strategy to protect, detect, respond and recover from attacks
Command of multiple technical disciplines, optimizing technical products and services
Strategically oriented and can influence at the group and organization level as needed
Expertise in working in partnership with colleagues throughout the organization, and in leading collaborative teams to achieve desired goals
Experience with data protection and privacy management tools such as Varonis and Nymity is desirable
BA/BS Degree in Engineering or Computer Science, or equivalent experience in Cyber Security /IT
We Consider Applicants For All Positions On The Basis Of Merit, Qualifications And Business Needs, And Without Regard To Race, Color, National Origin, Religion, Sex, Gender Identity, Age, Disability, Alienage Or Citizenship Status, Ancestry, Marital Status, Creed, Genetic Predisposition Or Carrier Status, Sexual Orientation, Veteran Status, Familial Status, Status As A Victim Of Domestic Violence Or Any Other Status Or Characteristic Protected By Applicable Federal, State, Or Local Law.