Manager, Security Plans and Programs
The Pokémon Company International is looking to hire a Manager, Security Plans and Programs who is passionate about the development, implementation and sustainment of plans and programs designed for risk management, audit and compliance, employee training, and advising the organization on information security practices to protect company assets, customer-facing systems, and customer data.
What You Will Do
- Lead both internal and external audits to ensure compliance with all industry-mandated regulations.
- Manage compliance initiatives to ensure operational effectiveness with applicable laws and regulations, as well as internal policies and procedures.
- Assist Legal and Technology organizations with all required compliance/security-related documentation. Ensure documentation is standardized, updated and organized.
- Participate in the development and implementation of new business initiatives involving compliance to ensure the functionality needed to support required compliance.
- Provide guidance to business functions on compliance/security-related matters.
- Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings.
- Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
- Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of deliverables.
- Refine and revise existing policies and procedures to support internal and external compliance programs. Author new policies and procedures and ensure adequate training for adherence by employees.
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change.
- Deliver findings, recommendations and remediation steps for all activities, in a clear, concise and audience-specific format.
- Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile.
- Responsible for building and influencing security as a core competency throughout TPCi to include education and training for employees.
What You Will Bring
- Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
- Skilled in risk management, business risk analysis and making complex business/risk trade-off recommendations and decisions.
- Deep understanding and experience with ISO 27001, PCI DSS, COPPA, or similar standards.
- Experience or understanding of governance, risk and compliance (GRC) processes and solutions.
- Experience in information security and auditing with increasing responsibilities.
- Strong background in security controls, auditing, network and system security.
- Ability to express complex technical concepts in business terms.
- Review and coordinate changes to information security policies, procedures, and standards.
- BS Degree in Computer Science or Computer Engineering and/or equivalent working experience.
- Information Security certifications (CISSP, GSEC, etc.) a plus.
- Offensive Security/Pen test certifications (OSCP, etc.) a plus.
How You Will Be Successful
- Functional/Technical Skill: Possesses the functional and technical skills to do the job at a high level of accomplishment. Remains current on developments within the industry.
- Accuracy/Quality: Produces results or provides services that meet or exceed TPCi standards. Shows concern for quality, accuracy and completeness of work activities. Personally seeks to add value in every work assignment. Notices opportunity to improve quality and takes action to do so.
- Implementation/Follow-Through: Demonstrates a commitment to quality exhibited by accuracy, completeness and conciseness of work produced. Always keeps in mind the needs of internal and external customers.
- Work Excellence: You set high quality standards and strive for continuous improvement and quality assurance with all deliverables.
- Teamwork: Collaborates and cooperates to get the job done. Offers assistance to others when needed. Builds trust and respect amongst colleagues. Works with others towards a common goal.
- Written and Oral Communication: Expresses information and thoughts clearly, concisely, and accurately in individual and/or group situations. Adapts the presentation of information to the audience and situation. Professional and respectful in communication style.
- Professional Know-How: You understand procedural and technical aspects of your role, and occasionally act as a subject matter expert for other teams. You demonstrate resourcefulness in acquiring additional professional expertise and keep up-to-date on resources available to enhance skills and meet the needs of all customers.
What to Expect
We offer a professional, fun and creative work environment. While we maintain a good balance between work and life, additional hours may be required at peak times or for specific initiatives.
The Pokémon Company International, a subsidiary of The Pokémon Company in Japan, manages the property outside of Asia and is responsible for brand management, licensing, marketing, the Pokémon Trading Card Game, the animated TV series, home entertainment, and the official Pokémon website. Pokémon was launched in Japan in 1996 and today is one of the most popular children's entertainment properties in the world.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of people so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.