M+E Technology Job Board
Director, Content Security Technical
Technicolor
Director, Content Security, Technical will report to the VP, Content Security in overseeing implementation of content security programs for Technicolor Production Services sites globally. This role has an emphasis on Network Security and other more technical aspects of content protection in assisting all or leading a single Service Line, globally (i.g. VFX, Advertising, Animation & Gaming). This position will act as a subject matter expert on content security technology while collaborating with the service line leaders, content security team, local site and global network security teams to achieve security best practices.
The position will gain an understanding of site operations, assess security vulnerabilities and risks, gather documentation to evidence compliance, document audit procedure and findings, work with site management and the content security team while supporting IT staff to develop solutions, remediation action plans, monitor the implementation of such plans, and report progress to Executive Management.
Essential Functions
(Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions)
Maintain and develop policies for all aspects of content, digital and physical security across the enterprise and production environments.
Act as an end-to-end expert while collaborating with the internal technical and content security teams in managing IT-related compliance initiatives; effectively working together to achieve and sustain compliance with regulatory, industry and contractual obligations.
Recommend new security technologies while working closely with all BU’s and IT groups to help design and build security infrastructure for secure business operations and production workflows
Assist business units and corporate groups in understanding and complying with a broad cross section of audit standards, including but not limited to TPN, MPAA/CDSA, SOC’s, CSA, European Safe Harbor, OWASP, etc.
Coordinate in the completion of pre-audit documents (e.g. questionnaires, checklists, etc.) and pre-audit internal assessments, in parallel coordinate with external requests of audits with clients and industry associations (TPN, MPAA/CDSA, etc.)
Work directly with Business Units in building a local security program, remediation planning and completion with global supporting teams. Ensure progress is maintained by evaluating local team progress, identifying and facilitating improvements to the local program in partnership with management, tracking remediation status and communicate updates to clients and stakeholders on security progress.
Perform internal security assessments. Coordinate/conduct “on site” security audits on a global scale, assisting customers and related industry organizations in their audit requests.
Manage Content Security Governance Risk and Compliance toolsets (Service Now) for all sites globally. This includes working with development teams in product enhancement in order to improve upon and streamline the user experience
Respond to content security related incidents and investigate as necessary.
Other duties as required
Required Education and Experience
BA/BS or equivalent combination of education and experience
Preferred Education and Experience
Bachelors Degree in Computer Science, Information Technology or equivalent experience
Experience with security tools and solutions – PKI, AV, IPS/IDS, Vulnerability and Penetration testing, SIEM, OS Hardening, VPN, Content Filtering, Proxies etc.
Experience with Cloud Security controls and implementations across the major providers (Amazon, Google, Azure) and other smaller 3rd parties (Conductor, YellowDog, etc.) preferred.
5+ years experience operating as a security or network resource in a large enterprise environment preferred
Understanding of various platforms (Linux, Windows, Unix, etc.) with related knowledge of SMTP, LDAP, DNS etc.
Demonstrated experience with Web Server Security and advanced concepts associated with system networking
Certifications in one of more of the following desired- CISSP, CISM, CISA, CPP, CRISC, CEH, ITIL, TPN
Knowledge of Trusted Partner Network (TPN – MPAA/CDSA) Best Practices and related security guidelines (CDSA, ISO, CSA, etc.) with knowledge of COSO, COBIT, NIST and ISO 27001 desired.
Thorough knowledge and technical skills around current and developing content security/anti-piracy technology, industry standards and regulations
Experience with security related assessments and remediation at an auditing firm or related Media and Entertainment company
Additional Eligibility Qualifications
Ability to communicate at a technical level with technical professionals and communicate complex technical concepts to non-technical management
Outstanding oral and written communication skills with ability to listen a must.
Must be well organized and have a keen attention to detail.
Ability to travel Domestically and Internationally a must.
Work non-standard shifts and/or be on-call to support the requirements of the organizations
Supervisory Responsibility
Production Services locations globally
Work Environment
This job operates in a professional office environment. This role routinely uses standard office equipment such as laptop computers, phones, photocopiers, filing cabinets, fax machines and smartphones.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. While performing the duties of this job, the employee is regularly required to talk or hear. The employee is frequently required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms. The employee must occasionally lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.
Travel
Yes 20%
Other Duties
Please note this Job Profile is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities may change at any time with or without notice.
Leadership and Influence
Collaborate with the Content Security, Risk Management, Technicolor Security Office and Local/Global IT teams in promoting and establishing a solid security structure at Technicolor and related businesses. Provide technical expertise to all groups to fill skill gaps and develop core competencies where applicable. Think outside the box to address complex issues and identify solutions. Maintain an active partnership with counterparts in the industry and be involved in security related industry events and initiatives.
Leadership 15%
Managerial 20%
Business 15%
Technical 30%
Administration 20%
Total 100%
Technicolor
Director, Content Security, Technical will report to the VP, Content Security in overseeing implementation of content security programs for Technicolor Production Services sites globally. This role has an emphasis on Network Security and other more technical aspects of content protection in assisting all or leading a single Service Line, globally (i.g. VFX, Advertising, Animation & Gaming). This position will act as a subject matter expert on content security technology while collaborating with the service line leaders, content security team, local site and global network security teams to achieve security best practices.
The position will gain an understanding of site operations, assess security vulnerabilities and risks, gather documentation to evidence compliance, document audit procedure and findings, work with site management and the content security team while supporting IT staff to develop solutions, remediation action plans, monitor the implementation of such plans, and report progress to Executive Management.
Essential Functions
(Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions)
Maintain and develop policies for all aspects of content, digital and physical security across the enterprise and production environments.
Act as an end-to-end expert while collaborating with the internal technical and content security teams in managing IT-related compliance initiatives; effectively working together to achieve and sustain compliance with regulatory, industry and contractual obligations.
Recommend new security technologies while working closely with all BU’s and IT groups to help design and build security infrastructure for secure business operations and production workflows
Assist business units and corporate groups in understanding and complying with a broad cross section of audit standards, including but not limited to TPN, MPAA/CDSA, SOC’s, CSA, European Safe Harbor, OWASP, etc.
Coordinate in the completion of pre-audit documents (e.g. questionnaires, checklists, etc.) and pre-audit internal assessments, in parallel coordinate with external requests of audits with clients and industry associations (TPN, MPAA/CDSA, etc.)
Work directly with Business Units in building a local security program, remediation planning and completion with global supporting teams. Ensure progress is maintained by evaluating local team progress, identifying and facilitating improvements to the local program in partnership with management, tracking remediation status and communicate updates to clients and stakeholders on security progress.
Perform internal security assessments. Coordinate/conduct “on site” security audits on a global scale, assisting customers and related industry organizations in their audit requests.
Manage Content Security Governance Risk and Compliance toolsets (Service Now) for all sites globally. This includes working with development teams in product enhancement in order to improve upon and streamline the user experience
Respond to content security related incidents and investigate as necessary.
Other duties as required
Required Education and Experience
BA/BS or equivalent combination of education and experience
Preferred Education and Experience
Bachelors Degree in Computer Science, Information Technology or equivalent experience
Experience with security tools and solutions – PKI, AV, IPS/IDS, Vulnerability and Penetration testing, SIEM, OS Hardening, VPN, Content Filtering, Proxies etc.
Experience with Cloud Security controls and implementations across the major providers (Amazon, Google, Azure) and other smaller 3rd parties (Conductor, YellowDog, etc.) preferred.
5+ years experience operating as a security or network resource in a large enterprise environment preferred
Understanding of various platforms (Linux, Windows, Unix, etc.) with related knowledge of SMTP, LDAP, DNS etc.
Demonstrated experience with Web Server Security and advanced concepts associated with system networking
Certifications in one of more of the following desired- CISSP, CISM, CISA, CPP, CRISC, CEH, ITIL, TPN
Knowledge of Trusted Partner Network (TPN – MPAA/CDSA) Best Practices and related security guidelines (CDSA, ISO, CSA, etc.) with knowledge of COSO, COBIT, NIST and ISO 27001 desired.
Thorough knowledge and technical skills around current and developing content security/anti-piracy technology, industry standards and regulations
Experience with security related assessments and remediation at an auditing firm or related Media and Entertainment company
Additional Eligibility Qualifications
Ability to communicate at a technical level with technical professionals and communicate complex technical concepts to non-technical management
Outstanding oral and written communication skills with ability to listen a must.
Must be well organized and have a keen attention to detail.
Ability to travel Domestically and Internationally a must.
Work non-standard shifts and/or be on-call to support the requirements of the organizations
Supervisory Responsibility
Production Services locations globally
Work Environment
This job operates in a professional office environment. This role routinely uses standard office equipment such as laptop computers, phones, photocopiers, filing cabinets, fax machines and smartphones.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. While performing the duties of this job, the employee is regularly required to talk or hear. The employee is frequently required to stand; walk; use hands to finger, handle or feel; and reach with hands and arms. The employee must occasionally lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus.
Travel
Yes 20%
Other Duties
Please note this Job Profile is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities may change at any time with or without notice.
Leadership and Influence
Collaborate with the Content Security, Risk Management, Technicolor Security Office and Local/Global IT teams in promoting and establishing a solid security structure at Technicolor and related businesses. Provide technical expertise to all groups to fill skill gaps and develop core competencies where applicable. Think outside the box to address complex issues and identify solutions. Maintain an active partnership with counterparts in the industry and be involved in security related industry events and initiatives.
Leadership 15%
Managerial 20%
Business 15%
Technical 30%
Administration 20%
Total 100%