Job Title:Sr. Analyst – Information Security GovernanceRequisition ID:R012924Job Description:Your PlatformFounded in 1979, Activision has continuously disrupted the world of entertainment as a leader in the videogame industry. With a history of delivering iconic game changerslike Pitfall, Tony Hawk, Guitar Hero, Crash Bandicoot, Skylanders and Call of Dutyour obsession is delighting our players around the globe. Focused and committed to innovation, we consistently deliver the most beloved, engaging and successful entertainment.And while we have extraordinary franchises, infrastructure and resources, our success comes from a hard-working, dedicated and complementary team of people producing greatness together. So, if you’re interested in our biggest priority, it’s our people.We’re currently driving the next era for our company and community by creating amazing experiences for fans and continuing to make Activision an inclusive place where everyone can thrive.Join us, make history. To learn more, check us out at www.activision.com, www.activisiongamesblog.com or @Activision on Instagram, Twitter, Facebook and LinkedIn.Your MissionAs a Sr. Analyst you will have a solid background within information security to make a strong impact on the company’s security program and services. The candidate will have experience with various Information Security concepts including data governance, risk management, metrics, audit, policy and standards development. This individual will work with the Information Security team, Legal, IT, and other business teams to:Establish policies, processes and standards aimed at reducing organizational risk from an Information Security perspectiveMaintain working relationships with business partners to understand business processes and the impact of new policies and processes in their ability to do businessLead the communication of Information Security policies, processes and standards to all collaborators, and maintain a repositoryBe the owner of data mapping for non-privacy related data (Financial, Marketing, studio assets, etc.)Develop Information Security awareness training aligned to the risks associated with end usersSupport the delivery of security training and certifications across the whole ABK Information Security organizationSupport, along with Risk and Compliance, the design of metrics to determine level of risk and compliance to those measuresBe a partner to the Compliance team to validate the effectiveness of implemented controlsIdentify gaps in existing policies, processes and standards when compared to established security controls frameworksMaintain the relevance of the governance processes by researching new security governance trends and incorporating changes as appropriate in partnership with all collaboratorsEstablish and maintain regular written and in-person communications pertinent to governance and security activitiesIn partnership with Risk, examine incoming requests for exceptions to security control requirements and draft recommendations that include requisite mitigation strategies, seek approval, and maintain a registry of the exception and residual riskPlayer ProfileMinimum Requirements:Bachelor’s degree in Computer Science, Information Systems, other related field; or equivalent work experienceMinimum of three years of information security experience in a corporate or consulting environment, orMinimum of five years developing IT policies and procedures that include implementation of security controlsAny one or more of the following preferredCertified Information Systems Security Professional (CISSP) from ISC2ISACA CGEIT, CRISC or CISA certification(any) Global Information Assurance Certification (GIAC) from SANSWorking knowledge of common information security management frameworks and practices such asNational Institute of Standards and Technology (NIST)CIS Critical ControlsISO/IEC 270xxSolid understanding of security requirements, frameworks, templates, assessments, process maps, data flowsDemonstrated experience with data governance and regulatory security requirementsVersed in project management procedures and conceptsKnowledgeable in a diverse set of technical skills, such as IT infrastructure, operating systemsUnderstanding of logging, monitoring, and reporting key performance indicators and development of continuous improvement plansExcellent oral/written communication, problem solving and analytical skillsAbility to work independently and as part of a team to achieve desired objectives and project resultsAbility to interface effectively and decisively with all levels of management, departments and outside vendorsDon’t meet every single requirement? Studies have shown that women and people of color are less likely to apply to jobs unless they meet every single qualification in the job posting. At Activision Blizzard we are committed to creating a diverse and inclusive environment so we strongly encourage you to apply even if you don’t believe you meet every single qualification outlined. We also do our best to ensure all applications received are responded to.Our WorldActivision Blizzard, Inc. (NASDAQ: ATVI), is one of the world’s largest and most successful interactive entertainment companies and is at the intersection of media, technology and entertainment. We are home to some of the most beloved entertainment franchises including Call of Duty, World of Warcraft, Overwatch, Diablo, Candy Crush and Bubble Witch. Our combined entertainment network delights hundreds of millions of monthly active users in 196 countries, making us the largest gaming network on the planet!Our ability to build immersive and innovate worlds is only enhanced by diverse teams working in an inclusive environment. We aspire to have a culture where everyone can thrive in order to connect and engage the world through epic entertainment. We provide a suite of benefits that promote physical, emotional and financial well-being for ‘Every World’ – we’ve got our employees covered!The videogame industry and therefore our business is fast-paced and will continue to evolve. As such, the duties and responsibilities of this role may be changed as directed by the Company at any time to promote and support our business and relationships with industry partners.Activision is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, national origin, protected veteran status, or any other basis protected by applicable law and will not be discriminated against on the basis of disability.
Associated topics: attack, forensic, identity access management, idm, information assurance, malicious, security, security analyst, threat, vulnerability