Job Title: (Sr.) GIS Governance Analyst
Reporting To: Director, Global Information Security
Location: Santa Monica, CA
He/she will have a strong background within information security to make a strong impact on the company's security program and services. The candidate will have experience with various Information Security concepts including data governance, risk management, metrics, audit, policy and standards development.
The (Sr.) GIS Governance Analyst will provide direct support to the GIS Director of Risk, Architecture and Engineering and follow up on necessary action items for the GIS Risk, Architecture, and Engineering team. The primary focus will be on data governance, audit, metrics, policy, standards and configuration baselines. This individual will work with various legal, IT, and business teams to establish continuous audit and metrics to measure adherence to internal and external requirements in relation to data governance and protection. (e.g., GDPR)
The primary focus areas will include:
* Develop and implement an appropriate information security policy framework ensuring owners for the policy documents and relevant approvers are identified
* Lead and support the creation, implementation, monitoring, and maintenance of security policies, standards, and processes
* Minimize security threats by examining governance, infrastructure, applications, systems, devices, and facilities to identify security flaws, using risk analysis and follow up on corrective action plan
* Provide guidance to internal partners to assist in the development of policies ensuring that the Company addresses any legal, regulatory or compliance security requirements
* Dissemination and promotion of a general understanding of information security risks and policies through an on-going information security awareness/culture change program
* Act as lead, subject matter expert, and project manager for security initiatives relating to compliance with applicable data protection such as GDPR
* Maintain the security control framework to measure adherence to policy, standards, and external compliance regulations
* Monitor existing controls and conduct periodic audits and reviews to ensure their efficiency and operating effectiveness, to ensure that compliance requirements are met and to identify and report on potential issues
* Define and communicate security governance and compliance priorities to IT support and business teams
* Research potential security control/solutions and, where applicable, implementation to support new Information Governance compliance initiatives
* Establish and maintain regular written and in-person communications pertinent to governance and security activities
* Examine incoming requests for exceptions to governance security control requirements and draft recommended decision memorandum to include requisite mitigation strategies
* Bachelor's degree in Computer Science, Information Systems, other related field; or equivalent work experience
* Minimum of four years of information security experience in a corporate or consulting environment
* Demonstrated exceptional passion and drive for cyber security as evidenced by self-driven past accomplishments that had significant positive impact to shareholders preferred
Any one or more of the following preferred
* Certified Information Systems Security Professional (CISSP) from ISC2
* (any) Global Information Assurance Certification (GIAC) from SANS
* Knowledge of common information security management frameworks and practices such as ISO/IEC 17799:2005 and ISO/IEC 270xx, National Institute of Standards and Technology (NIST), and the United States Computer Emergency Readiness Team (US-CERT)
* Strong understanding of security requirements, frameworks, templates, assessments, process maps, data flows in relation to data protection and GDPR
* Demonstrated experience with data governance, data mapping and regulatory security requirements
* Experience assessing, tracking, and documenting security requirements to meet data protection compliance
* Proven successful track record of leading data protection issues
* Prior experience working in projects dealing with compliance and data protection regulations
* Strong and current knowledge of data protection legislation and security control requirements
* Versed in project management procedures and concepts
* Versed in authoring and implementation of security policies, standards, and procedures
* Knowledgeable in a diverse set of technical skills, such as IT infrastructure, operating systems
* Understanding of logging, monitoring, and reporting key performance indicators (KPI) and development of continuous improvement plans
* Knowledge and skills in implementing privacy, audit, and compliance
* Excellent oral/written communication, problem solving and analytical skills
* Ability to work independently and as part of a team to achieve desired objectives and project results
* Ability to interface effectively and decisively with all levels of management, departments and outside vendors.
We're headquartered in Santa Monica, California, housing multiple teams across many disciplines of Marketing, PR, Sales, Supply Chain and other corporate functions such as HR, IT, Legal, Facilities and Finance. Santa Monica is the nerve center of our company, where the best ideas combine with unrivalled rigor to create the biggest and best entertainment experiences in the world.
Activision Blizzard, Inc. is the world's largest interactive entertainment company, with operations across North America, Europe, and Asia. We are home to some of the most beloved entertainment franchises including Call of Duty®, Skylanders®, World of Warcraft®, Overwatch®, Diablo®, Candy Crush™, and Bubble Witch™. Our combined entertainment network delights hundreds of millions of monthly active users in 196 countries, making us the largest gaming network on the planet!
We're proud to be recognized as one of FORTUNE's "100 Best Companies To Work For®" for four consecutive years and have earned a spot on FORTUNE's "Most Admired Companies," and "Future 50" lists. Our 10,000+ global employees are some of the best and brightest talents across entertainment, media, and technology.
The video game industry and therefore our business is fast-paced and will continue to evolve. As such, the duties and responsibilities of this role may be changed as directed by the Company at any time to promote and support our business and relationships with industry partners.