M+E Technology Job Board
Audit and Governance Manager
MPAA
The MPAA’s Content Security Program is focused on strengthening security practices in the worldwide production and supply chain by ensuring our partners’ compliance with industry best practices and standards for management systems, physical security, digital security, application security and cloud security.
The Audit and Governance Manager will be responsible for leading governance aspects of the assessment function and assuring the quality of assessments performed via the Trusted Partner Network for the Content Security Program.
Key Responsibilities
- Conduct thorough review and approval (Quality Control) of third party content security assessments performed for the Trusted Partner Network (TPN).
- Conduct testing and scoring of the Qualified Assessor technical test(s)
- Monitor Assessor quality and vendor feedback regarding assessors
- Ongoing revision and development of the test question bank for these tests.
- Conduct thorough review and recommendation of legal documents associated with the TPN and the Content Security Program
- Perform Governance review of our policies, procedures, practices in the ongoing management of the TPN
- Liaise with outside accrediting bodies to understand and maintain best in class practices for our program
- Administer the TPN Logo / Certification program
- Ongoing updates of governance practices, engagement documents, ethics and other legal controls.
- Provide feedback to Qualified Assessors on the quality of assessments/reports to improve the work products
- Provide input to and liaise with Platform development team for upgrades and enhancements to the TPN platform
- Test and implement latest versions and revisions of standards and platforms
- Perform, plan and manage the performance of vendor security (management, physical, digital, mobile, cloud and application security) on-site assessments, reporting and follow-ups if required.
- Develop and document assessment processes and procedures from start to finish ensuring complete, effective, and timely operation of the TPN.
- Provide Training for such processes and procedures as well as emerging technical topics and changes to Best Practices.
- Monitor security risks and new or emerging technologies.
Education, Experience and Other Requirements
- Bachelor’s Degree B.A./B.S.
- Advanced training in security and risk management
- Certifications: CISSP and / or CISA or equivalent required; Other technology certifications a plus
- Minimum 5+ years combined experience in information security / information technology
- Experience conducting technical audits, to include network and application security assessments; Vulnerability and penetration testing a plus.
- Knowledge of physical and information security protocols
- Experience in in-depth review of legal documentation. Paralegal a plus.
- Broad technical expertise with application, system integration, data and/or infrastructure knowledge
- Proven problem solving and analytical skills with the ability to anticipate and carry out responsibilities under minimal supervision
- Ability to work with individuals across a wide variety of operational, functional and technical areas
- Able to effectively communicate complex concepts verbally and in writing
- Must possess the highest level of work ethic and integrity with the ability to maintain confidential information
- 1-3 years’ experience in the entertainment or entertainment-related industry is preferred
- Willingness to travel up to 25% (domestic and international)
MPAA
The MPAA’s Content Security Program is focused on strengthening security practices in the worldwide production and supply chain by ensuring our partners’ compliance with industry best practices and standards for management systems, physical security, digital security, application security and cloud security.
The Audit and Governance Manager will be responsible for leading governance aspects of the assessment function and assuring the quality of assessments performed via the Trusted Partner Network for the Content Security Program.
Key Responsibilities
- Conduct thorough review and approval (Quality Control) of third party content security assessments performed for the Trusted Partner Network (TPN).
- Conduct testing and scoring of the Qualified Assessor technical test(s)
- Monitor Assessor quality and vendor feedback regarding assessors
- Ongoing revision and development of the test question bank for these tests.
- Conduct thorough review and recommendation of legal documents associated with the TPN and the Content Security Program
- Perform Governance review of our policies, procedures, practices in the ongoing management of the TPN
- Liaise with outside accrediting bodies to understand and maintain best in class practices for our program
- Administer the TPN Logo / Certification program
- Ongoing updates of governance practices, engagement documents, ethics and other legal controls.
- Provide feedback to Qualified Assessors on the quality of assessments/reports to improve the work products
- Provide input to and liaise with Platform development team for upgrades and enhancements to the TPN platform
- Test and implement latest versions and revisions of standards and platforms
- Perform, plan and manage the performance of vendor security (management, physical, digital, mobile, cloud and application security) on-site assessments, reporting and follow-ups if required.
- Develop and document assessment processes and procedures from start to finish ensuring complete, effective, and timely operation of the TPN.
- Provide Training for such processes and procedures as well as emerging technical topics and changes to Best Practices.
- Monitor security risks and new or emerging technologies.
Education, Experience and Other Requirements
- Bachelor’s Degree B.A./B.S.
- Advanced training in security and risk management
- Certifications: CISSP and / or CISA or equivalent required; Other technology certifications a plus
- Minimum 5+ years combined experience in information security / information technology
- Experience conducting technical audits, to include network and application security assessments; Vulnerability and penetration testing a plus.
- Knowledge of physical and information security protocols
- Experience in in-depth review of legal documentation. Paralegal a plus.
- Broad technical expertise with application, system integration, data and/or infrastructure knowledge
- Proven problem solving and analytical skills with the ability to anticipate and carry out responsibilities under minimal supervision
- Ability to work with individuals across a wide variety of operational, functional and technical areas
- Able to effectively communicate complex concepts verbally and in writing
- Must possess the highest level of work ethic and integrity with the ability to maintain confidential information
- 1-3 years’ experience in the entertainment or entertainment-related industry is preferred
- Willingness to travel up to 25% (domestic and international)