Job Details
**Chief Information Security Officer**
* Full Time
* Posted 6 days ago
**Vubiquity**
At VUBIQUITY, part of the Amdocs Media division of Amdocs, we deliver premium content to viewers on any screen, device, or platform. With a wide-ranging global customer network, the worlds leading content owners (Major Studios, Indie Studios, TV Networks & Digital First Networks) and video service providers (OTT, Mobile, Cable, Satellite, Telco) have selected us to deliver entertainment experiences around the world. We have our offices in Los Angeles, Toronto, London, and Cyprus. For more information, visit Vubiquity at
Role Description
Vubiquity is hiring a Chief Information Security Officer. This role will own all assurance activities along with defining security technology process and procedure. The CISO will manage a team of InfoSec professionals and lead a broader team from Development, Engineering and IT Infrastructure on the necessary actions required to ensure implementation and compliance. The role will also develop new solutions for the protection of company information systems and media assets. We are seeking a dynamic leader who is proactive self-starter with a concrete understanding of IS concepts and practices who is excited to join a strong team in the exciting world of media and entertainment.
The idea candidate will:
Be a successful leader who effectively works with executive management to determine acceptable level of risk for the company. They will have strong problem-solving abilities with excellent written and verbal communication skills. They will be innovative and able to work across teams to motive individual contributors to maintain integrity of the company.
Responsibilities
KEY RESPONSIBILITIES:
Ensure robust 247 security operation overseeing critical IT, business services and media assets
Implement and oversee security risk management program including event logging and monitoring controls in a hybrid cloud environment; ensure appropriate level of coverage and effectiveness
Work with software engineering teams to secure applications and infrastructure. Automate security-related activities in a scalable, repeatable and maintainable way
Perform and automate compliance activities; incident investigations, audits, CVE detection, remediation consultation and verification
Extending the identity & access management program to include all on-prem, cloud and hybrid environments
Evaluate security solutions based on new compliance requirements; lead POC, provide summary and recommendations
Participate as a key member of the Information Security Steering Committee, provide reports and presentations on the current state and future plans of Infosec
Stay current on cybersecurity threat landscape on Vubiquitys systems, services and critical partners
Perform periodic audit of critical systems and recommending control improvements
Providing technical mentorship to team members and peers; lead periodic security training for IT, Engineering, Media Operations and office staff
Provide executives updates on the overall progress of Vubiquitys security status and what projects, efforts, and initiatives are underway to improve and enhance our security posture.
Partners with business unit leads to work with clients on specific secure content workflows.
Interact and build relationships with CISOs at major studios and content providers that Vubiquity works closely with
Lead compliance initiatives focusing on MPA TPN, GDPR, CCPA and applicable regional cybersecurity and data privacy requirements
An experienced vendor, managed service and contract negotiator.
Global educator evangelizing best practices and policy enforcement along with providing a vision of security technology and systems.
Qualifications
QUALIFICATIONS
Qualifications / Requirements
Comprehensive knowledge of security on networking, web services, application development, infrastructure configuration and end-point protection.
Experience with Cloud Platform Security, IAM and controls available for AWS and Azure.
Experience in implementing Secure SDLC in CI/CD pipelines.
Extensive expertise in vulnerability assessment tools, patch management systems, network firewalls, intrusion prevention systems, web application firewalls (WAF) and DDoS mitigation solutions.
In-depth knowledge of securing media assets flowing through content processing pipelines and media supply chains.
Working knowledge of media industry storage, file transfer, streaming and content caching platforms.
Working knowledge of DRM technologies, forensic watermarking, SSO and MFA.
In-depth knowledge of risk management methodologies and approach.
Robust knowledge of security vendors in key security domains, and detailed security product capabilities.
Expertise in compliances (MPA/TPN, SOC, DPA, and similar) and IS standards or frameworks (ISO 27001, OWASP, CIS Benchmark, NIST, etc.)
Preferred Qualifications
12 years of mixed IT and Infosec experience in large, matrixed corporate environment
5 years leading security team and developing individuals
Professional security management certification (CISA/CISM/CISSP)
Education Requirement
Bachelors degree in Computer Science, Cybersecurity, Systems Engineering or equivalent
**Privacy Overview**