This job has expired, please see additional jobs below
VP Information Security & Compliance
AEG
Los Angeles, CA, United States
Job Details - this job has expired, please see similar jobs below
AEG is the world’s leading sports and live entertainment company with operations in the following business segments:
• AEG Facilities, which with its affiliates owns, manages or consults with more than 120 venues
• AEG Live, which is one of the largest live music companies in the world dedicated to live contemporary music performances, including producing and promoting global and regional concert tours, music events and world-renowned festivals
• AEG Sports, which is the world’s largest operator of sports franchises and high-profile sporting events
• AEG Global Partnerships, which supports each of AEG’s divisions through worldwide sales and servicing of sponsorships including naming rights, premium seating and other strategic partnerships
• AEG Real Estate, which develops major sports and entertainment districts worldwide
With offices on five continents, the company uses its global network of venues, portfolio of powerful sports and music brands, ticketing and content distribution platforms and its integrated entertainment districts to deliver the most creative and innovative live sports and entertainment experiences that inspire athletes, teams, artists and fans.
The VP Information Security & Compliance will be responsible for establishing and maintaining a company-wide information security program by establishing and maintaining a company-wide vision, strategy and architecture. This will include establishing, maintaining and monitoring the security related policies and procedures which promote the secure and uninterrupted operation of all information systems.
Key Responsibilities:
• Direct and approve the design of security systems; ensure compliance with the changing laws and applicable regulations
• Ensure that disaster recovery and business continuity plans are in place and tested;
• Review and approve security policies, controls and cyber incident response planning
• Approve identity and access policies
• Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
• Maintain a current understanding of the IT threat landscape for the industry; translate that knowledge to identification of risks and actionable plans to protect the business
• Oversee identity and access management (include scheduling of periodic security audits);
• Establish communication strategy and enforcement of cyber security policies and procedures across the organization
• Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring; provide training and mentoring to security team members
• Constantly update the cyber security strategy to leverage new technology and threat information
• Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget
• Communicate best practices and risks to all parts of the business, outside IT
Basic Qualifications:
• A minimum education level of a Bachelor of Arts/Sciences Degree in Information Technology or a related technical area.
• 10 plus years related experience
• At least 5 years in a senior leadership role
• Experience in a combination of risk management, information security and IT jobs
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
• Proven track record and experience in developing information security policies and procedures
• Must be a critical thinker, with strong problem-solving skills
• Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard Personally Identifiable Information (PII).
• Strong project management, financial/budget management, scheduling and resource management skills
• Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
• Demonstrated ability to overcome obstacles and deliver assignments on-time and with high quality
• Must be able to envision and articulate a compelling future for the business and to present and discuss strategies and technical information in a matter that establishes rapport, persuades others, and establishes understanding—for both technical and nontechnical audiences.
• Ability to combine strategic business and technical direction and translate concepts into actionable implementation plans.
Preferred Qualifications:
• Certification as a Certified Information Systems Security Professional (CISSP) and/or Systems Security Certified Practitioner (SSCP) is desirable.
• Master Degree in related field
AEG reserves the right to change or modify the employee’s job description whether orally or in writing, at any time during the employment relationship. AEG may require an employee to perform duties outside his/her normal description.