Manager, Security Governance
Greater LA Area
1 day ago
Evaluate and determine appropriate risk and security controls applicable to achieving compliance related in production, and post-production infrastructures. (e.g. MPAA, CDSA and ISO 27001/27002).
Develop and maintain technical and administrative processes which allow the automation of compliance with security and risk controls within the following industry standards - MPAA, NIST and GDPR.
Maintain and mature audit process, security policies, procedures, and best practices.
Work closely with Deluxe Enterprise IT and other Technology departments to achieve compliance and comprehensive integration of security solutions into the business process.
Provide reports on existing business processes and assist in the development and optimization of new and existing tools and techniques to enhance capabilities.
Conduct planned, requested, and unannounced testing for Deluxe business units worldwide to identify security gaps and areas for improvement.
Identify technical, administrative and physical security compliance gaps while recommending appropriate safeguards.
Oversee the documentation, implementation and testing of the entire compliance control portfolio.
Report the levels of IT and physical security compliance risk and related control effectiveness to key stakeholders such as IT business unit management, senior management and internal/external auditors.
Work closely with the technology teams of network, systems, operations, and development to ensure management of risk is inclusive to processes contemplated and planned.
Develop, recommend, implement and enforce strategic enhancements to minimize risk in existing processes.
Prepare and deliver presentations to both technical and non-technical audiences.
Manage day to day remediation and mitigation of any gaps found using tools, audits, testing and or interviews with key stakeholders.