Security Assessment Specialist
Location: Bucharest, RO
Requisition Number: 154204
Position Title: Security Operations Specialist
Security Assessment Specialist
We’re EA—the world’s largest video game publisher. You’re probably familiar with many of our titles—Madden, FIFA, The Sims, Need for Speed, Dead Space and Battlefield, to name a few. But maybe you don’t know how we’re committed to creating games for every platform—from social to mobile to console—to give our consumers that anytime, anywhere access they demand. What does that mean for you? It means more opportunities to unleash your creative genius, be inspired by those around you and ignite your path in any direction you choose.
Security Risk and Management Departmental Overview
The role of the SRM department, at the highest level, is to protect the corporation by reducing EA’s exposure to significant security risks by raising awareness and providing a measured, proportionate set of Security and Risk Management controls, services and solutions. This department also ensures that EA is meeting required security standards as defined by a variety of different regulatory bodies. Vision Protect EA’s critical IP, assets, and data while enabling the business to operate securely and effectively. Mission To reduce the overall exposure to security risks by implementing leading technologies, security best practices and processes, raising security awareness to the business, and managing EA's risk to threats.
Main Purpose of the Role
The Security Assessment Specialist will work and report to the Senior Program Manager and Director of Governance Risk and Compliance to assist with both the Security Risk Exceptions (SER) and SOX programs. For SOX, the Security Assessment Specialist will act as the liaison between our Global Auditors and IT key stakeholders to assist with readiness and remediation efforts. For exceptions to our policies tracked via the SER process, the Security Assessment Specialist is expected to manage any incoming requests and see them through the SER lifecycle.
The successful candidate will work alongside colleagues spanning the globe. This position may require occasional international travel.
- Conduct security risk assessments for third party vendors based on an internal customized methodology mapped to ISO 27001
- Have a good understanding of security best practices and EA policies to easily identify vendor’s security gaps and discuss solutions for mitigation
- Review vendor’s security controls and procedures, calculate risk scoring, assign corrective actions and create assessment reports.
- Cooperate and coordinate with Security and Risk Management team members and with other EA internal departments, such as game teams, IT departments to provide security risk assessments.
- Meet service level agreements regarding response time and completion of security risk assessments.
- Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures).
- Provide periodical metrics & reports related to security risk assessment activities to management
- Information security background, knowledge in the following security domains: Management Controls, Physical/Logical Security, Access Control, System & Network Security, Operational Control, Business Continuity, Compliance etc...
- Demonstrated knowledge of recognized security industry standards ISO 27001, PCI, SOX, SSAE16
- Nice to have - CompTIA Security+, CISSP or other information security certifications
- Excellent written and verbal communications skills.
- Detail oriented person
- Customer service skills and ability to use positive language
- Initiative and problem solving skills
- Bachelor’s degree in Computer Science or similar technical specialty.
- Very good experience with Microsoft Office programs
- Ability to coordinate resources to resolve problems.
- Assure report quality reflected by the accuracy of the assessment results based on EA security controls
- security risk assessments are completed respecting internal SLAs
- Assure that corrective actions are set and addressed on time
Community / Marketing Title: Security Assessment Specialist
Electronic Arts Inc. is a leading global interactive entertainment software company. EA delivers games, content and online services for Internet-connected consoles, personal computers, mobile phones and tablets.
EEOText: EA is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status, veteran status, or any other characteristic protected by law. EA also makes workplace accommodations for qualified individuals with disabilities as required by applicable law.
Date Opened: 2019-01-07 07:47:06.757
EEO Employer Verbiage:
EA is an equal opportunity employer. All employment decisions are made without regard to race, color, national origin, ancestry, sex, gender, gender identity or expression, sexual orientation, age, genetic information, religion, disability, medical condition, pregnancy, marital status, family status or veteran status. We will also consider for employment qualified applicants with criminal records in accordance with applicable law.
Location_formattedLocationLong: Bucharest, RO