Manager, IT Compliance
Greenwood Village, CO, United States
Starz
STARZ brings diverse perspectives to life through bold storytelling. Sign-up to stream original series, movies, extras, and more—on-demand and ad-free.
Job Description
We are seeking a highly motivated IT Compliance Manager to join our Technology team. This role is essential to ensuring that our organization operates securely, remains compliant with relevant regulations, and maintains operational resilience. As an IT Compliance Manager, you will play a key role in supporting risk management, compliance efforts, policy governance, and business continuity planning. You will collaborate closely with security, engineering, IT, and business units—including television production and post-production teams—to build and maintain a strong IT Compliance foundation that supports the company’s strategic and operational goals.
Key Responsibilities:
Governance & Policy Management
- Develop, maintain, and enhance internal policies, standards, and procedures related to IT governance and compliance.
- Ensure policies align with industry regulations and frameworks (e.g., ISO 27001, SOC 2, NIST, GDPR).
- Facilitate policy reviews and approval processes across departments.
- Embed secure handling and technical compliance requirements into policies affecting production and post-production systems.
Risk Management
- Identify, assess, and monitor information security and operational risks across the organization.
- Conduct vendor risk assessments and help manage third-party risk.
- Collaborate with cross-functional teams to track and remediate identified risks.
- Evaluate technical risks specific to production and studio workflows, including cloud-based tools, remote collaboration platforms, and media asset management.
Compliance & Audit Support
- Assist in preparing for audits and assessments related to SOC 2, ISO 27001, SOX, and other frameworks.
- Maintain evidence and documentation to support ongoing compliance efforts.
- Work closely with internal teams and auditors to resolve control gaps and findings.
- Support content protection initiatives and align with standards such as the Trusted Partner Network (TPN) or Motion Picture Association (MPA) guidelines.
Production Studio Compliance Support
- Partner with Production Operations and Technology to assess and enhance compliance controls across studio and post-production environments.
- Ensure secure configurations, access controls, and encryption protocols for on-set, remote, and post-production systems.
- Conduct technical risk assessments on tools and vendors supporting production workflows (e.g., file transfer, editorial platforms).
- Monitor handling of sensitive content (e.g., scripts, footage) and ensure compliance with internal and industry security standards.
- Provide compliance review and documentation for third-party vendors working on studio productions.
- Deliver training to production personnel on secure technology usage and compliance obligations.
Business Continuity & Resilience
- Support the development and maintenance of Business Continuity (BC) and Disaster Recovery (DR) plans.
- Conduct business impact analyses and risk assessments for critical functions.
- Coordinate BC/DR testing exercises and lead post-exercise evaluations and improvements.
- Include production and broadcast systems in continuity planning and recovery strategies.
Training & Awareness
- Contribute to security and compliance training and awareness initiatives.
- Serve as a resource to teams on GRC-related best practices and obligations.
- Tailor communication and training for creative and technical personnel in the studio environment.
Reporting & Metrics
- Help develop GRC-related metrics and reporting for Technology leadership.
- Maintain documentation, dashboards, and systems supporting compliance and risk visibility.
Required Qualifications:
- Bachelor's degree in Information Security, Information Technology, Risk Management, or related field.
- 2–5 years of experience in GRC, IT Risk, or compliance within a technology-driven organization.
- Familiarity with key security and compliance frameworks: ISO 27001, SOC 2, NIST CSF, GDPR, HIPAA, etc.
- Experience with business continuity and disaster recovery planning (ISO 22301 preferred).
- Proficiency with GRC tools (e.g., LogicGate, Archer, ServiceNow GRC, OneTrust).
- Strong communication skills and ability to collaborate across technical and business teams.
Preferred Certifications:
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Business Continuity Professional (CBCP)
- ISO 27001 or ISO 22301 Lead Implementer or Auditor
Compensation
$130,000 - $150,000
About STARZ
STARZ (NASDAQ: STRZ) is the leading premium entertainment destination for women and underrepresented audiences, and home to some of the most popular franchises and series on television. STARZ offers a robust programming mix for discerning adult audiences, including boundary-breaking originals and an expansive lineup of blockbuster movies, and is embodied by its brand positioning “We’re All Adults Here.” Complementary to any platform or service, STARZ is available across a wide range of digital OTT platforms and multichannel video distributors and is a bundling partner of choice. STARZ is powered by an industry-leading advanced technology, data analytics and digital infrastructure and the highly rated and first-of-its-kind STARZ app.
Our Benefits
- Full Coverage – Medical, Vision, and Dental
- Annual discretionary bonus and merit increase
- Work/Life Balance – generous sick days, vacation days, holidays, and wellness days
- 401(k) company matching
- Tuition Reimbursement (up to graduate degree)
EEO Statement
Starz is an equal employment opportunity employer. All employees and applicants are evaluated on the basis of their qualifications, consistent with applicable state and federal laws. In addition, Starz will provide reasonable accommodations for qualified individuals with disabilities. Starz will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable state and federal law.