Chief Information Security Officer

**Chief Information Security Officer**

* Full Time

* Posted 6 days ago

**Vubiquity**

At VUBIQUITY, part of the Amdocs Media division of Amdocs, we deliver premium content to viewers on any screen, device, or platform. With a wide-ranging global customer network, the worlds leading content owners (Major Studios, Indie Studios, TV Networks & Digital First Networks) and video service providers (OTT, Mobile, Cable, Satellite, Telco) have selected us to deliver entertainment experiences around the world. We have our offices in Los Angeles, Toronto, London, and Cyprus. For more information, visit Vubiquity at http://www.vubiquity.com

Role Description

Vubiquity is hiring a Chief Information Security Officer. This role will own all assurance activities along with defining security technology process and procedure. The CISO will manage a team of InfoSec professionals and lead a broader team from Development, Engineering and IT Infrastructure on the necessary actions required to ensure implementation and compliance. The role will also develop new solutions for the protection of company information systems and media assets. We are seeking a dynamic leader who is proactive self-starter with a concrete understanding of IS concepts and practices who is excited to join a strong team in the exciting world of media and entertainment.

The idea candidate will:

Be a successful leader who effectively works with executive management to determine acceptable level of risk for the company. They will have strong problem-solving abilities with excellent written and verbal communication skills. They will be innovative and able to work across teams to motive individual contributors to maintain integrity of the company.

Responsibilities

KEY RESPONSIBILITIES:

Ensure robust 247 security operation overseeing critical IT, business services and media assets

Implement and oversee security risk management program including event logging and monitoring controls in a hybrid cloud environment; ensure appropriate level of coverage and effectiveness

Work with software engineering teams to secure applications and infrastructure. Automate security-related activities in a scalable, repeatable and maintainable way

Perform and automate compliance activities; incident investigations, audits, CVE detection, remediation consultation and verification

Extending the identity & access management program to include all on-prem, cloud and hybrid environments

Evaluate security solutions based on new compliance requirements; lead POC, provide summary and recommendations

Participate as a key member of the Information Security Steering Committee, provide reports and presentations on the current state and future plans of Infosec

Stay current on cybersecurity threat landscape on Vubiquitys systems, services and critical partners

Perform periodic audit of critical systems and recommending control improvements

Providing technical mentorship to team members and peers; lead periodic security training for IT, Engineering, Media Operations and office staff

Provide executives updates on the overall progress of Vubiquitys security status and what projects, efforts, and initiatives are underway to improve and enhance our security posture.

Partners with business unit leads to work with clients on specific secure content workflows.

Interact and build relationships with CISOs at major studios and content providers that Vubiquity works closely with

Lead compliance initiatives focusing on MPA TPN, GDPR, CCPA and applicable regional cybersecurity and data privacy requirements

An experienced vendor, managed service and contract negotiator.

Global educator evangelizing best practices and policy enforcement along with providing a vision of security technology and systems.

Qualifications

QUALIFICATIONS

Qualifications / Requirements

Comprehensive knowledge of security on networking, web services, application development, infrastructure configuration and end-point protection.

Experience with Cloud Platform Security, IAM and controls available for AWS and Azure.

Experience in implementing Secure SDLC in CI/CD pipelines.

Extensive expertise in vulnerability assessment tools, patch management systems, network firewalls, intrusion prevention systems, web application firewalls (WAF) and DDoS mitigation solutions.

In-depth knowledge of securing media assets flowing through content processing pipelines and media supply chains.

Working knowledge of media industry storage, file transfer, streaming and content caching platforms.

Working knowledge of DRM technologies, forensic watermarking, SSO and MFA.

In-depth knowledge of risk management methodologies and approach.

Robust knowledge of security vendors in key security domains, and detailed security product capabilities.

Expertise in compliances (MPA/TPN, SOC, DPA, and similar) and IS standards or frameworks (ISO 27001, OWASP, CIS Benchmark, NIST, etc.)

Preferred Qualifications

12 years of mixed IT and Infosec experience in large, matrixed corporate environment

5 years leading security team and developing individuals

Professional security management certification (CISA/CISM/CISSP)

Education Requirement

Bachelors degree in Computer Science, Cybersecurity, Systems Engineering or equivalent

**Privacy Overview**