Sr. Analyst, Cybersecurity Compliance

Welcome to Warner Bros. Discovery… the stuff dreams are made of.

Who We Are…

When we say, “the stuff dreams are made of,” we’re not just referring to the world of wizards, dragons and superheroes, or even to the wonders of Planet Earth. Behind WBD’s vast portfolio of iconic content and beloved brands, are the storytellers bringing our characters to life, the creators bringing them to your living rooms and the dreamers creating what’s next…

From brilliant creatives, to technology trailblazers, across the globe, WBD offers career defining opportunities, thoughtfully curated benefits, and the tools to explore and grow into your best selves. Here you are supported, here you are celebrated, here you can thrive.

The Job 
Warner Bros. Discovery is hiring a talented Sr. Analyst, Cybersecurity Compliance to support the Information Security Compliance program globally across the organization. As a member of the Security Compliance team, you will be a member of the broader Cyber Security team and will work in partnership with Engineering, Technology, Governance, Risk, Privacy, Financial Compliance, Internal Audit, External Audit, Security Engineering, Legal, Technology, IDAM, HR, and other key partners to ensure compliance with various regulatory and policy requirements. The successful candidate will have experience across multiple compliance domains with experience in security, cyber security, audit process/procedure, risk analysis and mitigation, control testing, and continuous improvement initiatives. 
 
You will be responsible for driving areas encompassing both regulatory and non-regulatory compliance such as PCI, Privacy Data Security, Swift, SSAE 18, control implementation and validation, issue tracking and remediation, advisory projects, security assessments, and custom compliance control design assessments. This team focuses on validating that processes are working end-to-end, identifying risk areas and risk treatment/mitigation, as well as participating in projects to understand and determine potential impact to security and regulatory compliance components as well overall compliance to Security Policies & Standards. You will identify areas of improvement and non-compliance which may result in process changes and/or coaching requests. The Senior Information Security Compliance Analyst will perform control validation and reporting across our critical compliance programs as well as information security assessment/analysis, mitigation, and remediation. You will drive various other initiatives to completion and assist in managing and growing an effective Compliance Program. In addition, you will be responsible for a variety of functions centered on effective implementation of all the elements of a compliance program (project): compliance with applicable laws, rules, and regulations, internal policies, and procedures; accepted business practices, ethical standards, and contractual obligations. You will support the development of the compliance assurance process and lifecycle; and oversee security and technical controls testing across the organization to determine control effectiveness and adherence to both internal cybersecurity policies and standards and external requirements (e.g., certifications, mandates, regulations, and contracts). 

OPERATIONS/PROJECT MANAGEMENT 

• Execute on Security & Compliance programs owned by our organization 

• Assist in information security assessment/analysis, mitigation, and remediation. Advise in implementing solutions and mitigation plans for control deficiencies; regulatory and compliance gaps and make recommendations for process efficiencies 

• Drive process improvements and control implementation across business functions, including resolution of assessment findings and independent initiatives 

• Lead targeted compliance audits and reviews, communicating results and recommendations in clear and concise written reports; and collaborate with management to ensure corrective actions are implemented effectively 

• Investigate compliance issues and assist with investigation reports 

• Miscellaneous work as necessary to support the compliance function 

• Validate system requirements, flows, and written procedures through testing and observations, and to ensure regulatory compliance operating procedures and controls are working as intended 

• Participate in cross-functional teams to support various regulatory compliance subject matters ensuring that user activities continue to support systematic processes in place and drive positive compliant behaviors or that proposed new system changes fully meet Regulatory, Security and Legal requirements 

• Perform analysis based on the testing results through observations and reports to identify system and process gaps reducing risk for WBD 

• Document all work, and findings resulting from testing and communicate to relevant stakeholders within defined standard processes 

• Conduct related ongoing security compliance monitoring activities in coordination with the organization’s other compliance and operational assessment functions 

• Maintain current knowledge of appliable global, federal, and state information security laws and accreditation standards 

• Make updates to the Integrated Controls Framework (ICF) as agreed with other team members and relevant governance bodies 

• Lead compliance assessments including testing to demonstrate the effectiveness of controls, supporting team members to ensure reviews are critical, comprehensive, and thorough 

 

COLLABORATION 

• Accountable for organizing and participating in and/or leading meetings with various stakeholders across the company, and across the globe. 

• Technical and process experienced professional who will ensure data and evidence meets audit expectations and regulatory requirements. 

• Responsible for establishing and tracking tasks and projects, assessment status, and can effectively communicate risks and overall status to your management in a timely manner. 

• Stay abreast of existing and upcoming projects to effectively plan your work. 

• Make updates to the centralized issues log, audit calendar, and other key team documents, ensuring accuracy, attention to detail, and overall status. 

• Assist in updating metrics and status updates on a regular basis for your Manager. 

• Ability to partner with other team members, contribute to building a positive team culture, learn internal processes, and contribute to building effective deliverables. 

 

ANALYTICS 

• Monitor the effectiveness of the compliance assessment process in accordance with agreed upon metrics and performance measures to drive continuous improvements 

• Conduct root cause analysis on recurring compliance issues to enhance process efficiency and reduce non-compliance incidents. 

• Collaborate with cross-functional teams to gather, interpret, and validate compliance-related data to ensure accuracy and relevance. 

he Essentials 

• 4+ years working in audit, security, cyber security, and / or compliance environments in a corporate or consulting capacity, with experience in a highly technical setting. 

 

• Relevant certification (CISA, CISM, PCIP, CISSP, ISA, etc.) required. 

• Bachelor’s degree in a technology-related field, or equivalent education-related experience. 

• Experience with cross-functional risk, compliance and/or information security disciplines. 

• Subject matter expertise in the areas of SOX, PCI, SSAE 18, GDPR and/or CCPA. 

• Experience in project management, along with organizational and planning skills. 

• Cloud certification and /or relevant experience assessing security and compliance in the cloud. 

• Experience assisting with building compliance programs, including assessing and managing compliance against agreed standards at the level of individual security controls (administrative, technical / logical, physical) for multiple organizations or business units. 

 

 

Required Skills, Competencies & Personal Attributes:  

• Highly proficient in both spoken and written English 

• You possess the highest integrity commensurate with a compliance & ethics position.  

• Demonstrate superior organization & communication skills 

• You produce clear & polished work product, in narrative and visual form. 

• You have strong quantitative and qualitative analysis skills 

• You have driven change to completion across functions in an IT or comparable technical environment.  

• You can work independently, are flexible and adaptive and demonstrate a passion to operate in a dynamic and fast-growing environment. 

• Creative problem solver who possesses sound business discernment and is highly detailed oriented.  

• Ability to identify risks associated with business processes, operations, information security programs and technology projects. 

• Ability to develop working relationships with the business, and a broad understanding of business processes to translate technical issues into business-related decision points. 

• Ability to drive tasks forward with limited direction. 

• Team player; works well with others; can build trust with different stakeholders throughout the organization. 

 

The Nice to Haves 

• 3+ years of Big 4 experience in a related field. 

• Experience working on Data Privacy Security Controls or Artificial Intelligence Governance Controls. 

• Experience working in a national or global company. 

• Comfortable in working in a highly iterative environment. 

• Having worked as a QSA or ISA in the past 

• Technical and/or Audit experience with AWS and/or other Cloud Databases such as Azure, GCP, etc.. 

• Strong project management and team-building skills, including the ability to partner with various teams and drive projects and initiatives in multiple departments. 

How We Get Things Done…

This last bit is probably the most important! Here at WBD, our guiding principles are the core values by which we operate and are central to how we get things done. You can find them at www.wbd.com/guiding-principles/ along with some insights from the team on what they mean and how they show up in their day to day. We hope they resonate with you and look forward to discussing them during your interview.

Championing Inclusion at WBD

Warner Bros. Discovery embraces the opportunity to build a workforce that reflects a wide array of perspectives, backgrounds and experiences. Being an equal opportunity employer means that we take seriously our responsibility to consider qualified candidates on the basis of merit, regardless of sex, gender identity, ethnicity, union status, age, sexual orientation, religion or belief, marital status, pregnancy, parenthood, disability or any other category protected by law.

If you’re a qualified candidate with a disability and you require adjustments or accommodations during the job application and/or recruitment process, please visit our accessibility page for instructions to submit your request.