Skip to main content

Third Party Risk Manager

カルバーシティ , カリフォルニア州

求人ID JR20-10795 応募する 保存された求人を表示

This position is responsible for operationalizing and maintaining the Third Party Risk Management program, including coordination and execution of activities to ensure risk assessments are performed for critical third parties throughout the organization.

With direction, the Information Security Third Party Risk Manager establishes and maintains relationships with the business owners to identify third parties, provide information regarding potential risks to the business information and content assets, and support review of contracts and implementation of riders. In addition, works with relevant groups to leverage Application Criticality Assessments, performs Business Impact Assessments, completes risk assessments, identifies requirements, implements policies and procedures, and maintains an inventory of critical third parties.

This role will work closely with the other Information Security functional areas, as well as other departments within Sony such as the Corporation Global Information Security & Privacy (GIS&P) team, SPE corporate functions such as People & Organization, Corporate Communications, Legal Compliance, Strategic Sourcing, Investigative Services, Information Technology and business unit personnel. 

Responsibilities:

Risk Management

  • Works with Information Governance to ensure Application Criticality Assessments have been completed as applicable. Perform Business Impact Assessments to identify critical third parties. Completes and manages risk assessments through to Risk Remediation and Risk Treatment Plans.  Provide informed decisions to management concerning the potential risks to the business.  Work with business owners and project managers to mitigate risk.
  • Conduct periodic reviews with business owners to re-assess the information security classification and criticality ratings of information assets.
  • Maintain the inventory of information assets and third parties.

Contract Review/Rider Implementation

  • Work with Strategic Sourcing to review contracts and provide direction, feedback and recommendations on Security Riders for all third parties; partner with Strategic Sourcing develop and standardize a process to manage third party intake, assessment and remediation processes.
  • Support the development and enhancement of processes to ensure compliance with applicable information security requirements; participate in the development and maintenance of supporting procedures.

Operations Management

  • Contribute to development of strategy and plans for Information Security initiatives.
  • Assist in developing and providing KPIs and metrics for Information Security program and initiatives.
  • Contribute to and support continuing operational improvements and efficiencies.

Requirements:

  • Candidates will have a four year degree relating to information technology, compliance, information management, and/or information security and a minimum of 5 year’s work experience.
  • Self-motivated, creative and detail-oriented with a strong knowledge of information management and/or information governance processes and technologies.
  • Direct experience working in Information Security and demonstrated experience performing risk assessments and analysis.
  • Knowledge of risk management methodologies and practices
  • Capable of authoring and presenting professional Information Security guidance documents, presentations, procedures, and/or educational material.
  • Aptitude and interest in information technologies, critical thinking, change management, and project management is a must.
  • Strong written and verbal communication skills.
  • Ability to prioritize multiple tasks and demands.
  • Equally skilled at working independently and within a team.
  • Maintain a professional demeanor when dealing with confidential and sensitive issues.
  • Strong problem solving, decision making and follow-through abilities.
  • Ability to work effectively in a multicultural, multinational environment consisting of cross-functional, high performance teams.
  • Ability to work within virtual and/or matrixed teams to complete a project or task.
  • Establish and maintain relationships in key business areas

* Sony Pictures Entertainment is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, age, sexual orientation, gender identity, or other protected characteristics.

応募する

ソニー・ピクチャーズをLoveする理由マイアミの社員

マイアミオフィス
アダム・ヘル マイアミ

「ソニー・ピクチャーズで働く人々は素晴らしいです。同僚たちは、賢く、親切で、温かく、思慮深く、情熱的で協力的です。」

求人募集

You have not recently viewed any jobs.

You have not saved any jobs.

求人アラート

ソニー・ピクチャーズの最新の求人情報を受け取りたい方は、以下のフォームをご記入の上、送信してください。

関心カテゴリーを検索し、提案リストから一つ選択してください。勤務地を検索し、提案リストから一つ選択してください。最後に、「追加」をクリックして、ジョブアラートを作成してください。

  • 環境、健康安全保障、コンプライアンス, カルバーシティ, カリフォルニア州, アメリカ合衆国削除

すべてのフィールドは必須です。送信前にカテゴリと勤務地を選択してください。

ピーターラビット