Manager, Governance Risk & Compliance

San Francisco, CA, United States

Comcast brings together the best in media and technology. We drive innovation to create the world's best entertainment and online experiences. As a Fortune 50 leader, we set the pace in a variety of innovative and fascinating businesses and create career opportunities across a wide range of locations and disciplines. We are at the forefront of change and move at an amazing pace, thanks to our remarkable people, who bring cutting-edge products and services to life for millions of customers every day. If you share in our passion for teamwork, our vision to revolutionize industries and our goal to lead the future in media and technology, we want you to fast-forward your career at Comcast. Job Summary

As part of the Governance, Risk and Compliance team within Technology Experience and Services, you will be an integral part of ensuring our technology is built with security in mind and that security controls are consistently maintained. You will be part of the process of expanding our GRC processes to the Comcast Advertising teams. This will require a deep knowledge and understanding of end-to-end business process, security frameworks (e.g. NIST, ISO, HIPAA and HITRUST), regulatory compliance (e.g. PCI, GDPR, SOX, etc.) and technology standards, procedures and guidelines. You should possess detailed knowledge of administrative and technical security control assessments and be able to prepare and communicate compliance issues to leadership through reporting and metrics. In addition, knowledge and experience managing third party risk and security will also be a valuable skill in this role. Job Description

CORE RESPONSIBILITIES

Assist in building the organization’s cybersecurity strategy to ensure we’re proactively identifying/addressing relevant security gaps, compliant with internal policies and external regulatory requirements, and improving our overall security posture and program.

Collaborate with business and technology teams to ensure security strategies and initiatives align with business objectives.

Direct and coordinate the development and implementation of security awareness programs and education.

Serve as an internal auditor to ensure that appropriate precautions over information are granted high visibility and are considered in the design of new and existing systems.

Review and recommend cost-effective controls to eliminate or minimize risk.

Prepare written plan and annual reports on contingency planning and data security for each critical system.

Provide day-to-day leadership and guidance in resolving complex technical operational situations.

Consistent exercise of independent judgment and discretion in matters of significance.

Regular, consistent and punctual attendance. Must be able to work nights and weekends, variable schedule(s) and overtime as necessary.

Other duties and responsibilities as assigned.

REQUIREMENTS

Bachelor’s degree in computer science, Accounting/Finance, or related field, or equivalent work experience.

7+ years of experience in governance, risk, and compliance function.

Experience in security frameworks (such as NIST, ISO; knowledge of HIPAA or HITRUST also a plus) and regulatory compliance reporting (such as PCI and/or SOX).

Experience in business continuity planning.

Experience managing risk and compliance function in a cloud computing environment.

Expert level experience in controls, assessments, and auditing.

Strong analytical, organization, time management, facilitation, and process management skills.

Demonstrated high level of written, verbal, and interpersonal skills to communicate technical and non-technical information, ideas, procedures, and processes.

CISM, CRISC, or CISA certification preferred.

Employees at all levels are expected to:

Understand our Operating Principles; make them the guidelines for how you do your job.

Own the customer experience - think and act in ways that put our customers first, give them seamless digital options at every touchpoint, and make them promoters of our products and services.

Know your stuff - be enthusiastic learners, users and advocates of our game-changing technology, products and services, especially our digital tools and experiences.

Win as a team - make big things happen by working together and being open to new ideas.

Be an active part of the Net Promoter System - a way of working that brings more employee and customer feedback into the company - by joining huddles, making call backs and helping us elevate opportunities to do better for our customers.

Drive results and growth.

Respect and promote inclusion & diversity.

Do what's right for each other, our customers, investors, and our communities.

Disclaimer:

This information has been designed to indicate the general nature and level of work performed by employees in this role. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications.

Comcast is an EOE/Veterans/Disabled/LGBT employer.

Compensation

National Pay Range: $92,293.36 USD-$216,312.56 USD Comcast intends to offer the selected candidate base pay dependent on job-related, non-discriminatory factors such as experience. Base pay is one part of the Total Rewards that Comcast provides to compensate and recognize employees for their work. Most sales positions are eligible for a Commission under the terms of an applicable plan, while most non-sales positions are eligible for a Bonus. Additionally, Comcast provides best-in-class Benefits. We believe that benefits should connect you to the support you need when it matters most, and should help you care for those who matter most. That’s why we provide an array of options, expert guidance and always-on tools, that are personalized to meet the needs of your reality – to help support you physically, financially and emotionally through the big milestones and in your everyday life. Please visit the compensation and benefits summary on our careers site for more details.

The application window is 30 days from the date job is posted, unless the number of applicants requires it to close sooner or later.

Education

Bachelor's DegreeWhile possessing the stated degree is preferred, Comcast also may consider applicants who hold some combination of coursework and experience, or who have extensive related professional experience. Certifications (if applicable)

Relative Work Experience

5-7 YearsComcast is proud to be an equal opportunity workplace. We will consider all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability, veteran status, genetic information, or any other basis protected by applicable law. Comcast will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law, including the Los Angeles Fair Chance Initiative for Hiring Ordinance and the San Francisco Fair Chance Ordinance.

Explore more InfoSec / Cybersecurity career opportunities Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr