Every great story has a new beginning, and yours starts here.

　　Welcome to Warner Bros. Discovery... the stuff dreams are made of.

　　Who We Are...

　　When we say, "the stuff dreams are made of," we're not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD's vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what's next...

　　From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

　　Your New Role...

　　Warner Bros. Discovery (WBD) is hiring a talented Manager-Information Security Vendor Risk Management who will be a part of the Global Information and Content Security (GICS) Vendor Risk Management (VRM) team supporting the organization across all domestic and international brands and divisions.

　　As a member of the VRM team you will work in partnership with key partners and stakeholders such as Legal, Privacy, and Procurement, to ensure information/data security risks are accurately assessed and contract language appropriately protects WBD from information security risks posed by supplier services. The Manager-Information Security Vendor Risk Management will also drive various initiatives to completion and assist in managing and growing an effective Vendor Risk Management Program. The successful candidate will have experience with understanding and assessing third party information security/technical risks and controls, performing data security contract reviews, solid knowledge in areas such as cloud security, network security, application security and vulnerability management, as well as experience with continuous improvement initiatives.

　　Your Role Accountabilities...

　　MANAGEMENT

　　Manage assessment intake and oversight to ensure pipeline of assessments is managed in a timely and efficient manner.Oversee day-to-day activities of junior team members and consultants.Contribute to the team's continuous improvement efforts by identifying opportunities and owning the development and implementationPrimary back-up to Senior Director

　　RISK ASSESSMENTS

　　Work with business to understand the "what" and "how" of supplier services to accurately assess level of risk and scope of assessmentPerform timely assessments of supplier controls to identify, document, and communicate key deficiencies to the business and Information Security managementCoordinate across Information Security teams to incorporate technical reviews into overall assessment (as needed)Report on assessment outcomes, risk level and associated recommendations to remediate issuesEscalate issues, as neededPerform 2nd-level peer reviews of assessment outputs, prior to reports being finalized, to drive consistency and completeness of findings based on risk of engagementSupport periodic re-assessment activities to ensure supplier adherence to data and content security requirements and to assess evolving risks and current threats

　　FINDINGS MANAGEMENT, REPORTING & ANALYTICS

　　Monitor supplier corrective action plans against agreed upon timelinesReview supplier remediation evidence for closure of findingsMonitor the effectiveness of the VRM process in accordance with agreed metrics and performance measures to drive continuous improvementsAssist with development and reporting of Key Performance Indicator metricsMaintain timely, accurate, and complete data within the identified system of record

　　CONTRACT REVIEWS

　　Review contracts to ensure appropriate data security terms are included to protect WBD from data and content security risksProvide comment and acceptable alternatives to vendor contract revisions, in alignment with defined guidanceEscalate provision changes, as needed

　　STRATEGY

　　Stay abreast of existing and upcoming regulatory legislation and oversight requirements in order to assess potential impacts to the WBD VRM program.Assist in creation of comprehensive and meaningful strategy presentations for senior executivesDocument roadmaps for key initiatives and programsAbility to contribute to building a framework and drive development for ongoing business planning and goal measurement through KPIs

　　Qualifications & Experience...

　　BS/BA degree requiredRelevant certification (Security+,CISSP, CISA, CISM, CRISC)8+ years working in information security and/or third party risk management, with experience in a technical setting3+ years performing third party risk assessmentsStrong knowledge of cloud-based models (SaaS, PaaS, IaaS) and technologies used to implement controls within these environments, network security, application security, and vulnerability management.Knowledge of controls frameworks and industry standard frameworks (NIST CSF, SSAE 18/SOC, ISO, etc.)Experience in identifying risk-based issues and working across organizations to remediate.Able to work independently, flexible and adaptive and demonstrate a passion to operate in a dynamic and fast-growing environment.Ability to work collaboratively within and across teams, including Privacy, Legal, Procurement, and the businessDetail-oriented individual with organizational, critical thinking, analytical, and problem solving skills; able to maintain a balance between the details and the larger pictureExcellent written and verbal communication skills, with the ability to present complex topics in clear, non-technical languageAbility to handle multiple assignments concurrently and reprioritize as neededDemonstrated ability to be proactive, take ownership of and solve problemsActive learner - able to proactively enhance personal, professional, and business growth through new knowledge and experiencesComfortable working in highly iterative environmentStrong leadership, project, and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments.Expert user of Microsoft Office (Excel, PowerPoint, Word) to prepare all documents, presentations, graphs, briefings, and worksheets

　　The Nice to Haves

　　3+ years of Big 4 experience in a related field3+ years of prior experience in a related field (media, entertainment, business development or streaming services industry experience)Knowledge of and passion for media, entertainment, and technology industries (including key players, growth trends and drivers, new media models, industry structure, etc.)Familiarity with ad tech, AI, streaming and similar products/servicesExperience working in a national or global company

　　#LI-Hybrid

　　How We Get Things Done...

　　This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

　　The Legal Bits...

　　Warner Bros. Discovery embraces the opportunity to build a workforce that reflects the diversity of our society and the world around us. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, without regard to race, color, religion, national origin, gender, sexual orientation, gender identity or expression, age, mental or physical disability, and genetic information, marital status, citizenship status, military status, protected veteran status or any other category protected by law.

　　If you're a qualified candidate with a disability and you need a reasonable accommodation in order to apply for this position, please contact us at [email protected].